Security Alert (A21-07-14): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 22 July 2021

  
  

Description:

Apple has released iOS 14.7 and iPadOS 14.7 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:

https://support.apple.com/en-us/HT212601

 

Affected Systems:

  • iPhone 6s and later
  • iPad 5th generation and later, Air 2 and later, mini 4 and later, Pro (all models)
  • iPod touch (7th generation)

 

Impact:

A successful exploitation could lead to arbitrary code execution, denial of service, information disclosure, privilege escalation, security restriction bypass or system corruption on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/HT212601
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20210722
  • https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/apple-releases-security-updates
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328 (to CVE-2020-36331)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30748
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30758 (to CVE-2021-30760)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30763
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30768 (to CVE-2021-30770)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30773 (to CVE-2021-30776)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30779 (to CVE-2021-30781)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30785
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30786
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30788 (to CVE-2021-30792)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30795 (to CVE-2021-30800)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30802
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30804


Tag: Apple , iOS , iPad , iPadOS , iPhone , iPod
Tags