Security Alert (A20-12-04): Multiple Vulnerabilities in Apple iOS and iPadOS

Description:

Apple has released iOS 14.3 and iPadOS 14.3 as well as iOS 12.5 to fix multiple vulnerabilities in various Apple devices. The list of vulnerability information can be found at:

https://support.apple.com/en-us/HT212003
https://support.apple.com/en-us/HT212004

Affected Systems:

• iPhone 5s and later
• iPad Air and later
• iPad mini 2 and later
• iPod touch (6th and 7th generation)

Impact:

A successful attack could lead to arbitrary code execution, information disclosure, security restriction bypass or system corruption.

Recommendation:

Apple has released new versions of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

https://support.apple.com/en-us/HT212003
https://support.apple.com/en-us/HT212004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27944
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27948
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29617 (to CVE-2020-29619)