Security News

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Xcode, tvOS, Safari, iOS, iPadOS, watchOS, Mojave, High Sierra and Sierra. The most severe of these vulnerabilities could allow for arbitrary code execution.

  • Xcode is an integrated development environment for MacOS
  • tvOS is an operating system for the fourth-generation Apple TV digital media player.
  • Safari is a web browser available for OS X.
  • iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
  • iPadOS is the successor to iOS 12 and is a mobile operating system for iPads
  • watchOS is the mobile operating system for the Apple Watch and is based on the iOS operating system.
  • Mojave is a desktop and server operating system for Macintosh computers.
  • High Sierra is a desktop and server operating system for Macintosh computers.
  • Sierra is a desktop and server operating system for Macintosh computers.

Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

REFERENCES:

Apple:

CVE:

Leave a Comment

Your email address will not be published.

You may also like