{ "file_item": { "filepath": "security-advisories", "filename": "CERT-EU-SA2021-059.pdf" }, "title": "Multiple Vulnerabilities in Apple Products", "serial_number": "2021-059", "publish_date": "29-10-2021 12:35:00", "description": "On October 25, Apple released multiple security updates fixing vulnerabilities on various Apple Operating Systems including macOS and iOS. These security updates address several vulnerabilities in Apple products, some of which could be exploited by an attacker to elevate privileges, execute arbitrary code with kernel privileges, or gain control access on the vulnerable products.", "url_title": "2021-059", "content_markdown": "---\ntitle: 'Multiple Vulnerabilities in Apple Products'\nversion: '1.0'\nnumber: '2021-059'\ndate: 'October 29, 2021'\n---\n\n_History:_\n\n* _29/10/2021 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn October 25, Apple released multiple security updates fixing vulnerabilities on various Apple Operating Systems including macOS and iOS[1]. These security updates address several vulnerabilities in Apple products, some of which could be exploited by an attacker to elevate privileges, execute arbitrary code with kernel privileges, or gain control access on the vulnerable products.\n\n# Affected Products\n\nThe following products are affected [2]:\n\n- Version before macOS Monterey 12.0.1 [3]\n- Version before macOS Big Sur 11.6.1 [4]\n- Catalina without Security Update 2021-007 [5]\n- Version before iOS 15.1 and iPadOS 15.1 [6]\n- Version before iOS 14.8.1 and iPadOS 14.8.1 [7] \n\n# Recommendations\n\nCERT-EU highly recommends applying the security updates for each Apple Operating System.\n\n# References\n\n[1] \n\n[2] \n\n[3] \n\n[4] \n\n[5] \n\n[6] \n\n[7] \n", "content_html": "

History:

  • 29/10/2021 --- v1.0 -- Initial publication

Summary

On October 25, Apple released multiple security updates fixing vulnerabilities on various Apple Operating Systems including macOS and iOS[1]. These security updates address several vulnerabilities in Apple products, some of which could be exploited by an attacker to elevate privileges, execute arbitrary code with kernel privileges, or gain control access on the vulnerable products.

Affected Products

The following products are affected [2]:

  • Version before macOS Monterey 12.0.1 [3]
  • Version before macOS Big Sur 11.6.1 [4]
  • Catalina without Security Update 2021-007 [5]
  • Version before iOS 15.1 and iPadOS 15.1 [6]
  • Version before iOS 14.8.1 and iPadOS 14.8.1 [7]

Recommendations

CERT-EU highly recommends applying the security updates for each Apple Operating System.

References

[1] https://us-cert.cisa.gov/ncas/current-activity/2021/10/27/apple-releases-security-updates-multiple-products

[2] https://support.apple.com/en-gb/HT201222

[3] https://support.apple.com/en-gb/HT212869

[4] https://support.apple.com/en-gb/HT212872

[5] https://support.apple.com/en-gb/HT212871

[6] https://support.apple.com/en-gb/HT212867

[7] https://support.apple.com/en-gb/HT212868

", "licence": { "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)", "link": "https://creativecommons.org/licenses/by/4.0/", "restrictions": "https://cert.europa.eu/legal-notice", "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies" } }