Apple Bug Allows Code Execution on iPhone, iPad, iPod

2020-09-17 20:23

Apple has updated its iOS and iPadOS operating systems, which addressed a wide range of flaws in its iPhone, iPad and iPod devices.

In total, Apple addressed 11 bugs in products and components, including AppleAVD, Apple Keyboard, WebKit and Siri.

According to researchers at IBM's X-Force, one of the most significant bugs patched by Apple is a privilege-escalation vulnerability impacting Apple iOS and iPadOS. Tracked as CVE-2020-9992, the vulnerability could be exploited if a target were tricked into opening a specially crafted file.

Apple traced the bug to an unidentified integrated drive electronics component, which are the interfaces used to pass data from a device's motherboard to the device's storage component.

Apple describes Xcode as "a complete developer toolset for creating apps for Mac, iPhone, iPad, Apple Watch and Apple TV.".

News URL

https://threatpost.com/apple-bug-code-execution-iphone/159332/

#apple #codeexecution #ipad #iphone #CVE-2020-9992

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-16	CVE-2020-9992	Unspecified vulnerability in Apple Iphone OS This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. local low complexity apple	7.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apple		138	584	4213	1628	2414	8839

News URL

Related news

Related Vulnerability

Related vendor