Security Alert (A21-05-10): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 25 May 2021

  
  

Description:

Apple has released iOS 14.6 and iPadOS 14.6 to fix the vulnerabilities in various Apple devices.  The list of vulnerability information can be found at:

https://support.apple.com/zh-hk/HT212528

 

Affected Systems:

  • iPhone 6s and later
  • iPad 5th generation and later, Air 2 and later, mini 4 and later, Pro (all models)
  • iPod touch (7th generation)

 

Impact:

Depending on the vulnerability exploited, a successful exploitation could lead to arbitrary code execution, cross-site scripting, denial of service, tampering, information disclosure, privilege escalation, security restriction bypass or system corruption on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue:

The updates can be obtained through the auto-update mechanism.  Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21779
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30667
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30674
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30677
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30681
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30682
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30685 (to CVE-2021-30687)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30689
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30691 (to CVE-2021-30695)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30697 (to CVE-2021-30701)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30704
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30705
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30707 (to CVE-2021-30710)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30714
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30715
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30720
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30723 (to CVE-2021-30725)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30727
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30729
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30734
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30736
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30737
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30740
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30741
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30744
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30746
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30749


Tag: Apple , iOS , iPad , iPadOS , iPhone , iPod
Tags