Fwd: [CIAD-2020-0049] Multiple Vulnerabilities in Apple iOS and iPadOS

3 years ago 303

BOOK THIS SPACE FOR AD

ARTICLE AD

Software Affected

· Apple iOS and iPadOS versions prior to 13.6

Overview

Multiple vulnerabilities have been reported in Apple iOS and iPadOS which

could allow a remote attacker to execute arbitrary code with kernel

privileges, cause denial of service conditions, access sensitive

information, bypass security restrictions, hijack VPN connections or

perform cross site scripting attacks on a targeted system.

Description

Multiple vulnerabilities exist in Apple iOS and iPadOS due to out-of-bounds

read and write errors, multiple memory corruption issues, improper input

validation, improper state management, improper access restrictions,

insufficient verification and checks, buffer overflow error, use after free

error, improper escaping and other logical errors in Audio,

AVEVideoEncoder, Bluetooth, CoreFoundation, Crash Reporter, GeoServices,

iAP, ImageIO, Kernel, Mail, Messages, Model I/O, Safari Login AutoFill,

Safari Reader, WebKit, WebKit Page Loading, WebKit Web Inspector and Wi-Fi

components of the software.

Successful exploitation of these vulnerabilities could allow the attacker

to execute arbitrary code with kernel privileges, cause denial of service

conditions, access sensitive information, bypass security restrictions,

hijack VPN connections or perform cross site scripting attacks on the

targeted system.

Solution

Apply appropriate updates mentioned in the Apple security updates

Vendor Information

Apple

References

CISecurity

cts-could-allow-for-arbitrary-code-execution_2020-098/

CVE Name

CVE-2020-9888

CVE-2020-9889

CVE-2020-9890

CVE-2020-9891

CVE-2020-9907

CVE-2020-9931

CVE-2020-9934

CVE-2020-9865

CVE-2020-9933

CVE-2020-9914

CVE-2020-9936

CVE-2020-9923

CVE-2019-14899

CVE-2020-9909

CVE-2019-19906

CVE-2020-9885

CVE-2020-9878

CVE-2020-9903

CVE-2020-9911

CVE-2020-9894

CVE-2020-9915

CVE-2020-9893

CVE-2020-9895

CVE-2020-9925

CVE-2020-9910

CVE-2020-9916

CVE-2020-9862

CVE-2020-9918

CVE-2020-9917

Read Entire Article

LEFT SIDEBAR AD

Fwd: [CIAD-2020-0049] Multiple Vulnerabilities in Apple iOS and iPadOS

BOOK THIS SPACE FOR AD

Related

Fwd: [CIVN-2020-0294] Microsoft Office Elevation of Privilege Vulnerability

Fwd: Virus Alert : CLOP Ransomware

Fwd: [CIVN-2020-0295] Remote code execution vulnerability in IBM WebSphere Application Server

Fwd: Virus Alert : Conti Ransomware

Fwd: [CIVN-2020-0293] LNK Remote Code Execution Vulnerability

Fwd: [CIVN-2020-0290] Remote Code Execution Vulnerability in Red Hat JBoss Enterprise Application Platform

Trending

Popular

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD