{"id":2016,"date":"2023-09-14T06:15:51","date_gmt":"2023-09-14T06:15:51","guid":{"rendered":"https:\/\/cert-mu.govmu.org\/cert-mu\/?page_id=2016"},"modified":"2023-09-14T06:18:37","modified_gmt":"2023-09-14T06:18:37","slug":"multiple-apple-products-vulnerabilities","status":"publish","type":"page","link":"https:\/\/cert-mu.govmu.org\/cert-mu\/?page_id=2016","title":{"rendered":"Multiple Apple Products Vulnerabilities"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"2016\" class=\"elementor elementor-2016\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-166eefda ct-section-stretched elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"166eefda\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-314d1d\" data-id=\"314d1d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-514ff558 elementor-hidden-tablet elementor-hidden-phone\" data-id=\"514ff558\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4e3e8fb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4e3e8fb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-93566b9\" data-id=\"93566b9\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d08b013 elementor-widget elementor-widget-heading\" data-id=\"d08b013\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Multiple Apple Products Vulnerabilities<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d0347e elementor-widget elementor-widget-text-editor\" data-id=\"7d0347e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Date of Issue: <\/strong><strong>14.09.2023<\/strong><strong><br \/><\/strong><br \/><strong>Severity Rating: <\/strong>High<\/p><p><strong>Affected Products:<\/strong><\/p><ul><li>Apple iOS 16.5.0<\/li><li>Apple iPadOS 16.5.0<\/li><li>Apple macOS Ventura 13.4<\/li><li>Apple macOS Ventura 13.2<\/li><li>Apple watchOS 9.4<\/li><\/ul><p><strong>Description<\/strong><\/p><p>Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a validation issue in the Wallett component. By persuading a victim to open a specially crafted attachment, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.<\/p><p><strong>Solution<\/strong><\/p><p>Users are advised to apply updates to address the vulnerabilities. Before applying the patch, please visit the vendor website for more details:<\/p><ul><li><a href=\"https:\/\/support.apple.com\/en-us\/HT213905\">https:\/\/support.apple.com\/en-us\/HT213905<\/a><\/li><li><a href=\"https:\/\/support.apple.com\/en-us\/HT213843\">https:\/\/support.apple.com\/en-us\/HT213843<\/a><\/li><li><a href=\"https:\/\/support.apple.com\/en-us\/HT213764\">https:\/\/support.apple.com\/en-us\/HT213764<\/a><\/li><li><a href=\"https:\/\/support.apple.com\/en-us\/HT213670\">https:\/\/support.apple.com\/en-us\/HT213670<\/a><\/li><\/ul><p><strong>CVE Information<\/strong><\/p><ul type=\"disc\"><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41061\">CVE-2023-41061 CVSS: 8.8<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-41064\">CVE-2023-41064 CVSS: 8.8<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-40397\">CVE-2023-40397 CVSS:6.1<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38616\">CVE-2023-38616 CVSS:7.8<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38605\">CVE-2023-38605 CVSS:3.3<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-40392\">CVE-2023-40392 CVSS:3.3<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-34352\">CVE-2023-34352 CVSS:5.3<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28215\">CVE-2023-28215 CVSS:7.8<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28214\">CVE-2023-28214 CVSS:7.8<\/a><u> <\/u><\/li><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28213\">CVE-2023-28213 CVSS:7.8<\/a><u> <\/u><\/li><\/ul><p><strong>References<\/strong><\/p><ul><li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-28214\">https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-28214<\/a><\/li><li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-28215\">https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-28215<\/a><\/li><li><a href=\"https:\/\/www.tenable.com\/cve\/CVE-2023-40397\">https:\/\/www.tenable.com\/cve\/CVE-2023-40397<\/a><\/li><li><a href=\"https:\/\/www.helpnetsecurity.com\/2023\/09\/08\/cve-2023-41064-cve-2023-41061\/\">https:\/\/www.helpnetsecurity.com\/2023\/09\/08\/cve-2023-41064-cve-2023-41061\/<\/a><\/li><\/ul><p><strong><u>Report Cyber Incidents<\/u><\/strong><br \/>Report cyber security incident on the <strong>Mauritian Cybercrime Online Reporting System (MAUCORS &#8211; <\/strong><a href=\"http:\/\/maucors.govmu.org\/\"><strong>http:\/\/maucors.govmu.org\/<\/strong><\/a><strong>)<\/strong><br \/><strong><u><br \/>Contact Information<\/u><\/strong><br \/><strong>Computer Emergency Response Team of Mauritius (CERT-MU)<\/strong><br \/><strong>Ministry of Information Technology, Communication and Innovation<\/strong><\/p><p>Tel: (+230) 4602600 <br \/>Hotline No: (+230) 800 2378<br \/>Gen. Info. : <a href=\"mailto:contact@cert.govmu.org\">contact@cert.govmu.org<\/a><u> <\/u><br \/>Incident: <a href=\"mailto:incident@cert.govmu.org\">incident@cert.govmu.org<\/a> <br \/>Website: <a href=\"http:\/\/cert-mu.govmu.org\">http:\/\/cert-mu.govmu.org<\/a> <br \/>MAUCORS: <a href=\"http:\/\/maucors.govmu.org\">http:\/\/maucors.govmu.org<\/a>\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Multiple Apple Products Vulnerabilities Date of Issue: 14.09.2023Severity Rating: High Affected Products: Apple iOS 16.5.0 Apple iPadOS 16.5.0 Apple macOS Ventura 13.4 Apple macOS Ventura 13.2 Apple watchOS 9.4 Description Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a validation issue in the Wallett component. By persuading a victim to open a specially crafted attachment, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. Solution Users are advised to apply updates to address the vulnerabilities. Before applying the patch,\u2026<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2016","page","type-page","status-publish","hentry"],"blocksy_meta":{"page_title_panel":"","has_hero_section":"disabled","bc159c5af2a03de5c75561ba297140d8":"","hero_section":"type-1","hero_elements":[{"id":"custom_title","enabled":true,"heading_tag":"h1","title":"Home"},{"id":"custom_description","enabled":true,"description_visibility":{"desktop":true,"tablet":true,"mobile":false}},{"id":"custom_meta","enabled":false,"meta_elements":[{"id":"author","enabled":true,"label":"By","has_author_avatar":"yes","avatar_size":25},{"id":"post_date","enabled":true,"label":"On","date_format_source":"default","date_format":"M j, Y"},{"id":"comments","enabled":true}],"page_meta_elements":{"joined":true,"articles_count":true,"comments":true}},{"id":"breadcrumbs","enabled":false}],"df3eb590217e0ce26e832da2c07e7ca6":"","hero_alignment1":"left","hero_alignment2":"center","hero_vertical_alignment":"center","19d24a625abe62e6d16b259439e9cba0":"","hero_structure":"narrow","a3dd00aea12a8c52bdc0775015a386ce":"","page_title_bg_type":"featured_image","custom_hero_background":{"attachment_id":null},"parallax":{"desktop":false,"tablet":false,"mobile":false},"007fc1b0d7d7ea0d9823538a36652bf9":"","hero_height":"250px","pageTitleFont":{"family":"Default","variation":"Default","size":{"desktop":"32px","tablet":"30px","mobile":"25px"},"line-height":"CT_CSS_SKIP_RULE","letter-spacing":"CT_CSS_SKIP_RULE","text-transform":"CT_CSS_SKIP_RULE","text-decoration":"CT_CSS_SKIP_RULE"},"pageTitleFontColor":{"default":{"color":"CT_CSS_SKIP_RULEDEFAULT"}},"pageMetaFont":{"family":"Default","variation":"n6","size":"12px","line-height":"1.3","letter-spacing":"CT_CSS_SKIP_RULE","text-transform":"uppercase","text-decoration":"CT_CSS_SKIP_RULE"},"pageMetaFontColor":{"default":{"color":"CT_CSS_SKIP_RULEDEFAULT"},"hover":{"color":"CT_CSS_SKIP_RULEDEFAULT"}},"pageExcerptFont":{"family":"Default","variation":"Default","size":"CT_CSS_SKIP_RULE","line-height":"CT_CSS_SKIP_RULE","letter-spacing":"CT_CSS_SKIP_RULE","text-transform":"CT_CSS_SKIP_RULE","text-decoration":"CT_CSS_SKIP_RULE"},"pageExcerptColor":{"default":{"color":"CT_CSS_SKIP_RULEDEFAULT"}},"breadcrumbsFont":{"family":"Default","variation":"n6","size":"12px","line-height":"CT_CSS_SKIP_RULE","letter-spacing":"CT_CSS_SKIP_RULE","text-transform":"uppercase","text-decoration":"CT_CSS_SKIP_RULE"},"breadcrumbsFontColor":{"default":{"color":"CT_CSS_SKIP_RULEDEFAULT"},"initial":{"color":"CT_CSS_SKIP_RULEDEFAULT"},"hover":{"color":"CT_CSS_SKIP_RULEDEFAULT"}},"pageTitleOverlay":{"default":{"color":"rgba(41, 51, 60, 0.2)"}},"pageTitleBackground":{"background_type":"color","background_pattern":"type-1","background_image":{"attachment_id":null,"x":0,"y":0},"background_repeat":"no-repeat","background_size":"auto","background_attachment":"scroll","patternColor":{"default":{"color":"#e5e7ea"}},"backgroundColor":{"default":{"color":"#EDEFF2"}}},"806cf646dc975203c3ef573b498d2a6c":"","page_structure_type":"default","content_style":"inherit","vertical_spacing_source":"custom","content_area_spacing":"none","background":{"background_type":"color","background_pattern":"type-1","background_image":{"attachment_id":null,"x":0,"y":0},"background_repeat":"no-repeat","background_size":"auto","background_attachment":"scroll","patternColor":{"default":{"color":"#e5e7ea"}},"backgroundColor":{"default":{"color":"CT_CSS_SKIP_RULE"}}},"content_background":{"background_type":"color","background_pattern":"type-1","background_image":{"attachment_id":null,"x":0,"y":0},"background_repeat":"no-repeat","background_size":"auto","background_attachment":"scroll","patternColor":{"default":{"color":"#e5e7ea"}},"backgroundColor":{"default":{"color":"#ffffff"}}},"content_boxed_spacing":{"desktop":"40px","tablet":"35px","mobile":"20px"},"content_boxed_radius":{"top":"3px","bottom":"3px","left":"3px","right":"3px","linked":true},"content_boxed_shadow":{"blur":18,"spread":-6,"v_offset":12,"h_offset":0,"inset":false,"enable":true,"color":{"color":"rgba(34, 56, 101, 0.04)"}},"19c6ff9349ac0932d7247f0e755658ea":"","disable_featured_image":"no","disable_header":"no","disable_footer":"no","styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[]}},"_links":{"self":[{"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/pages\/2016","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2016"}],"version-history":[{"count":4,"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/pages\/2016\/revisions"}],"predecessor-version":[{"id":2020,"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=\/wp\/v2\/pages\/2016\/revisions\/2020"}],"wp:attachment":[{"href":"https:\/\/cert-mu.govmu.org\/cert-mu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2016"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}