Security Alert (A22-07-13): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 21 July 2022

  
  

Description:

Apple has released iOS 15.6 and iPadOS 15.6 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:

https://support.apple.com/en-us/HT213346

 

Affected Systems:

  • iPhone 6s and later
  • iPad 5th generation and later, Air 2 and later, mini 4 and later, Pro (all models)
  • iPod touch (7th generation)

 

Impact:

A successful exploitation could lead to arbitrary code execution, denial of service, information disclosure, privilege escalation, security restriction bypass or spoofing on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/HT213346
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20220721
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2294
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26768
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26981
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32784 (to CVE-2022-32785)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32787 (to CVE-2022-32788)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32792 (to CVE-2022-32793)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32802
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32810
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32813 (to CVE-2022-32817)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32819 (to CVE-2022-32821)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32823 (to CVE-2022-32826)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32828 (to CVE-2022-32830)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32832
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32837 (to CVE-2022-32841)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32844 (to CVE-2022-32845)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32847
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32849
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32855
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32857


Tag: Apple , iOS , iPhone , iPad , iPod , iPadOS
Tags