Original Issue Date: May 10, 2021
Severity Rating: HIGH
Software Affected
Apple iOS and iPadOS version prior to 14.5
Overview
Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could allow a remote attacker to execute arbitrary code with kernel privileges, cause denial of service conditions, access sensitive information, bypass security restrictions, alter network traffic, create or modify privileged files and perform cross site scripting attacks on the targeted system.
Description
Multiple vulnerabilities exist in Apple iOS and iPadOS due to out-of-bounds read and write errors, certificate validation error, malicious application error, logic error, multiple memory corruption issues, validation issue, access issue, race condition issue, use after free error, buffer overflow error, double free error, obscuring passwords issue, parsing error, call termination error and improper input validation.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code with kernel privileges, cause denial of service conditions, access sensitive information, bypass security restrictions, alter network traffic, create or modify privileged files and perform cross site scripting attacks on the targeted system.
Solution
Apply appropriate software updates as mentioned in the Apple Security updates
https://support.apple.com/en-us/HT212317
Vendor Information
Apple
https://support.apple.com/en-us/HT212317
References
Apple
https://support.apple.com/en-us/HT212317
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.