Description:
Apple has released iOS 15.1 and iPadOS 15.1 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:
https://support.apple.com/en-us/HT212867
Affected Systems:
- iPhone 6s and later
- iPad 5th generation and later, Air 2 and later, mini 4 and later, Pro (all models)
- iPod touch (7th generation)
Impact:
A successful exploitation could lead to arbitrary code execution, cross-site scripting, information disclosure, privilege escalation, security restriction bypass or system corruption on an affected device.
Recommendation:
Apple has released new version of iOS and iPadOS to address the issue.
The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
More Information:
- https://support.apple.com/en-us/HT212867
- https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20211027
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30875
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30881
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30886 (to CVE-2021-30890)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30894
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30900
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30902
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30903
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30905 (to CVE-2021-30907)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30909 (to CVE-2021-30911)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30914 (to CVE-2021-30917)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30919