0% found this document useful (0 votes)

49 views

Alert

The document reports a remote code execution vulnerability in Apple products before specified versions. It could allow a remote attacker to execute arbitrary code by persuading a victim to visit a crafted request. Users are advised to apply the relevant security updates mentioned to remedy this issue.

Uploaded by

Nilesh Kumar

0% found this document useful (0 votes)

49 views

Alert

Uploaded by

Nilesh Kumar

You are on page 1/ 2

4/3/24, 5:42 PM CERT-In Vulnerability Notes

CERT-In Vulnerability Note CIVN-2024-0100

Remote Code Execution Vulnerability in Apple Products

Original Issue Date:April 02, 2024

Severity Rating: HIGH

Software Affected

Apple Safari versions prior to 17.4.1

(Available for macOS Monterey and macOS Ventura)
Apple macOS Ventura versions prior to 13.6.6
Apple macOS Sonoma versions prior to 14.4.1
Apple visionOS versions prior to 1.1.1
(Available for Apple Vision Pro)
Apple iOS and iPadOS versions prior to 17.4.1
(Available for iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st
generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and
later)
Apple iOS and iPadOS versions prior to 16.7.7
(Available for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st
generation)

Overview

Remote Code Execution vulnerability has been reported in Apple Products which could be exploited by a remote attacker to
execute arbitrary code on the targeted system.

Description

This vulnerability exist in Apple Products due to out-of-bounds write issue in WebRTC and CoreMedia. A remote attacker could
exploit this vulnerability by persuading a victim to visit specially crafted request.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the targeted system.

Solution

Apply appropriate updates as mentioned in Apple Security updates:

https://support.apple.com/en-us/HT214093

https://support.apple.com/en-us/HT214094

https://support.apple.com/en-us/HT214095

https://support.apple.com/en-us/HT214096

https://support.apple.com/en-us/HT214097

https://support.apple.com/en-us/HT214098

Vendor Information

Apple
https://support.apple.com/en-us/HT214093
https://support.apple.com/en-us/HT214094
https://support.apple.com/en-us/HT214095
https://support.apple.com/en-us/HT214096
https://support.apple.com/en-us/HT214097
https://support.apple.com/en-us/HT214098

References

https://support.apple.com/en-us/HT214093
https://support.apple.com/en-us/HT214094
https://support.apple.com/en-us/HT214095
https://support.apple.com/en-us/HT214096

about:blank 1/2
4/3/24, 5:42 PM CERT-In Vulnerability Notes
https://support.apple.com/en-us/HT214097
https://support.apple.com/en-us/HT214098

CVE Name
CVE-2024-1580

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: [email protected]
Phone: +91-11-22902657

Postal address

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India

about:blank 2/2

EY-FICCI Report
No ratings yet
EY-FICCI Report
292 pages
The Modi Effect
No ratings yet
The Modi Effect
17 pages
Zalo Challenge Ai Advertising Banner Generation
No ratings yet
Zalo Challenge Ai Advertising Banner Generation
6 pages
Apple Secure Enclave Processor
From Everand
Apple Secure Enclave Processor
Umair Akbar
No ratings yet
Getting Started with FortiGate
From Everand
Getting Started with FortiGate
Fabrizio Volpe
No ratings yet
Serial Port Complete: COM Ports, USB Virtual COM Ports, and Ports for Embedded Systems
From Everand
Serial Port Complete: COM Ports, USB Virtual COM Ports, and Ports for Embedded Systems
Jan Axelson
3.5/5 (9)
Apple Security Releases - Apple Support
No ratings yet
Apple Security Releases - Apple Support
24 pages
Apple Security Releases - Apple Support
No ratings yet
Apple Security Releases - Apple Support
7 pages
CERT-EU-SA2024-013
No ratings yet
CERT-EU-SA2024-013
2 pages
Multiple Vulnerabilities in Apple macOS
No ratings yet
Multiple Vulnerabilities in Apple macOS
2 pages
MacOS Catalina 10.15 Beta 5 Release Notes
No ratings yet
MacOS Catalina 10.15 Beta 5 Release Notes
27 pages
IOS 12 Beta 10 Release Notes
No ratings yet
IOS 12 Beta 10 Release Notes
7 pages
CERT-EU-SA2024-025
No ratings yet
CERT-EU-SA2024-025
2 pages
2021 1782
No ratings yet
2021 1782
2 pages
iOS Hacker's Handbook
From Everand
iOS Hacker's Handbook
Charlie Miller
No ratings yet
IOS 12 Beta 6 Release Notes
No ratings yet
IOS 12 Beta 6 Release Notes
7 pages
701_advances_in_macos_security
No ratings yet
701_advances_in_macos_security
237 pages
iOS 12 Beta 7 Release Notes
No ratings yet
iOS 12 Beta 7 Release Notes
7 pages
Apple Security Releases - Apple Support
No ratings yet
Apple Security Releases - Apple Support
1 page
Protect Your iOS Device
No ratings yet
Protect Your iOS Device
11 pages
apple-platform-security-guide
No ratings yet
apple-platform-security-guide
302 pages
Apple Security Releases - Apple Support (In)
No ratings yet
Apple Security Releases - Apple Support (In)
1 page
Apple Security Updates - Apple Support
No ratings yet
Apple Security Updates - Apple Support
1 page
Apple Security Platform
No ratings yet
Apple Security Platform
231 pages
CompTIA A+ Certification All-in-One Study Guide: Exams (Core 1: 220-1101 and Core 2: 220-1102)
From Everand
CompTIA A+ Certification All-in-One Study Guide: Exams (Core 1: 220-1101 and Core 2: 220-1102)
Georgio Daccache
No ratings yet
Apple Security Updates - Apple Support (UK)
No ratings yet
Apple Security Updates - Apple Support (UK)
1 page
Apple Platform Security Guide 2
No ratings yet
Apple Platform Security Guide 2
265 pages
Apple Platform Security Guide B 2
No ratings yet
Apple Platform Security Guide B 2
229 pages
About Rapid Security Responses For IOS, IPadOS and MacOS - Apple Support (UK)
No ratings yet
About Rapid Security Responses For IOS, IPadOS and MacOS - Apple Support (UK)
1 page
Apple Platform Security Guide b
No ratings yet
Apple Platform Security Guide b
210 pages
Apple Platform Security Guide
No ratings yet
Apple Platform Security Guide
196 pages
Fundamentals of Security in the Windows System
From Everand
Fundamentals of Security in the Windows System
Mark Emerson
No ratings yet
Advisory 65
No ratings yet
Advisory 65
2 pages
nMIJI7XQSCAUN4n12scA - Apple Platform Security Guide B
No ratings yet
nMIJI7XQSCAUN4n12scA - Apple Platform Security Guide B
189 pages
IOS Security Guide Oct 2014
No ratings yet
IOS Security Guide Oct 2014
50 pages
Iphone Release Notes
No ratings yet
Iphone Release Notes
1 page
Apple Platform Security Guide
No ratings yet
Apple Platform Security Guide
219 pages
Apple Platform Security
No ratings yet
Apple Platform Security
190 pages
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassouli
No ratings yet
managing-software-updates-v1-0
No ratings yet
managing-software-updates-v1-0
44 pages
IOS 12 Beta 3 Release Notes
No ratings yet
IOS 12 Beta 3 Release Notes
10 pages
IOS & IPadOS 13.1 Release Notes
No ratings yet
IOS & IPadOS 13.1 Release Notes
26 pages
Learning iOS Penetration Testing: Secure your iOS applications and uncover hidden vulnerabilities by conducting penetration tests
From Everand
Learning iOS Penetration Testing: Secure your iOS applications and uncover hidden vulnerabilities by conducting penetration tests
Swaroop Yermalkar
No ratings yet
Apple Platform Security Guide
No ratings yet
Apple Platform Security Guide
219 pages
Glitch in Apple 6 Ios
No ratings yet
Glitch in Apple 6 Ios
8 pages
iOS Programming For Beginners: The Ultimate iOS App Developer's Guide
From Everand
iOS Programming For Beginners: The Ultimate iOS App Developer's Guide
Joseph Joyner
3/5 (1)
Advanced VoIP and IP Telephony: Telecom Titans: Building the Connected World, #4
From Everand
Advanced VoIP and IP Telephony: Telecom Titans: Building the Connected World, #4
Jordan Grant
No ratings yet
MacOS 10.14 Beta 8 Release Notes
No ratings yet
MacOS 10.14 Beta 8 Release Notes
11 pages
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassoulii
No ratings yet
Vehicle Safety Communications: Protocols, Security, and Privacy
From Everand
Vehicle Safety Communications: Protocols, Security, and Privacy
Tao Zhang
No ratings yet
The Compete Ccna 200-301 Study Guide: Network Engineering Edition
From Everand
The Compete Ccna 200-301 Study Guide: Network Engineering Edition
Joe Spoto
5/5 (4)
Internet of Things Programming Projects: Build exciting IoT projects using Raspberry Pi 5, Raspberry Pi Pico, and Python
From Everand
Internet of Things Programming Projects: Build exciting IoT projects using Raspberry Pi 5, Raspberry Pi Pico, and Python
Colin Dow
No ratings yet
IOS & IPadOS 13.1 Beta 1 Release Notes
No ratings yet
IOS & IPadOS 13.1 Beta 1 Release Notes
26 pages
Arduino Electronics Blueprints
From Everand
Arduino Electronics Blueprints
Don Wilcher
4/5 (1)
iPad Pro 2021 (5th Generation) And iPhone 12 User Guide A Complete Step By Step Guide For Beginners, Seniors And Pro To Master New iPad 2021 & iPhone 12 Pro And Pro Max
From Everand
iPad Pro 2021 (5th Generation) And iPhone 12 User Guide A Complete Step By Step Guide For Beginners, Seniors And Pro To Master New iPad 2021 & iPhone 12 Pro And Pro Max
Richard Jake
No ratings yet
CVE Mitigations2
No ratings yet
CVE Mitigations2
17 pages
Ipad & Iphone User - February 2023
No ratings yet
Ipad & Iphone User - February 2023
94 pages
VoIP Telephony and You: A Guide to Design and Build a Resilient Infrastructure for Enterprise Communications Using the VoIP Technology (English Edition)
From Everand
VoIP Telephony and You: A Guide to Design and Build a Resilient Infrastructure for Enterprise Communications Using the VoIP Technology (English Edition)
Rashmi Nanda
No ratings yet
Computers: ...and Stuff!
From Everand
Computers: ...and Stuff!
Owen Jones
No ratings yet
How To Program A Mobile Game
From Everand
How To Program A Mobile Game
Duong Tran
4/5 (1)
FCSS—Enterprise Firewall 7.4 Administrator Exam Preparation
From Everand
FCSS—Enterprise Firewall 7.4 Administrator Exam Preparation
Georgio Daccache
No ratings yet
IOS Security Guide
No ratings yet
IOS Security Guide
82 pages
IOS Security Guide
No ratings yet
IOS Security Guide
68 pages
Grap Stage IV
No ratings yet
Grap Stage IV
10 pages
Chronology
No ratings yet
Chronology
14 pages
Sebi
No ratings yet
Sebi
4 pages
SEBI Connected Person Proposal
No ratings yet
SEBI Connected Person Proposal
8 pages
Do PT
No ratings yet
Do PT
2 pages
CMS Report 2024
No ratings yet
CMS Report 2024
20 pages
How Urban India Pays
No ratings yet
How Urban India Pays
41 pages
Gas Based Power Stations
No ratings yet
Gas Based Power Stations
2 pages
From Cash To Cashless: UPI's Impact On Spending Behavior Among Indian Users
No ratings yet
From Cash To Cashless: UPI's Impact On Spending Behavior Among Indian Users
12 pages
New Press Bill
No ratings yet
New Press Bill
4 pages
AMFI Data
No ratings yet
AMFI Data
7 pages
Padma Awards 2024
100% (1)
Padma Awards 2024
132 pages
Pollution Diabetes
No ratings yet
Pollution Diabetes
10 pages
The Telecommunications Bill, 2023
No ratings yet
The Telecommunications Bill, 2023
46 pages
Burman Family
No ratings yet
Burman Family
1 page
India Middle East Europe Economic Corridor
No ratings yet
India Middle East Europe Economic Corridor
3 pages
Vishwakarma List
No ratings yet
Vishwakarma List
3 pages
Linkvertise Free Bypasser
No ratings yet
Linkvertise Free Bypasser
2 pages
Unit2 Javascript Notes
No ratings yet
Unit2 Javascript Notes
15 pages
Introduction To Software Engineering
No ratings yet
Introduction To Software Engineering
45 pages
5 Bankers Algorithm Program
No ratings yet
5 Bankers Algorithm Program
4 pages
Toolformer - Language Models Can Teach Themselves To Use Tools
No ratings yet
Toolformer - Language Models Can Teach Themselves To Use Tools
17 pages
Arduino Based Watch OLED Menu RTC
No ratings yet
Arduino Based Watch OLED Menu RTC
10 pages
Mitsubishi FR A800 PLC Function Programming Manual
No ratings yet
Mitsubishi FR A800 PLC Function Programming Manual
208 pages
VLAN Lab Guide
No ratings yet
VLAN Lab Guide
6 pages
Slideshow CK Banners
No ratings yet
Slideshow CK Banners
5 pages
2024_S5_EN_(1)
No ratings yet
2024_S5_EN_(1)
3 pages
Manual of 1 Gang Wi-Fi Switch Module QS-WIFI-C
No ratings yet
Manual of 1 Gang Wi-Fi Switch Module QS-WIFI-C
2 pages
108 Unix
No ratings yet
108 Unix
20 pages
Togaf Question Bank 3
No ratings yet
Togaf Question Bank 3
2 pages
Creating Perfect Photos From Your Slide and Negative Scans With ColorPerfect VueScan Professional
No ratings yet
Creating Perfect Photos From Your Slide and Negative Scans With ColorPerfect VueScan Professional
8 pages
SpringBoot All Programs
No ratings yet
SpringBoot All Programs
16 pages
PPT-Application Layer
No ratings yet
PPT-Application Layer
92 pages
SQL Unit 5
No ratings yet
SQL Unit 5
84 pages
12 - Ansi Sparc
No ratings yet
12 - Ansi Sparc
4 pages
Line List Preferred
No ratings yet
Line List Preferred
36 pages
CSS DLL
No ratings yet
CSS DLL
20 pages
PHP 5 Tutorial W3Schools
No ratings yet
PHP 5 Tutorial W3Schools
127 pages
Cihuyy 11221-147-185
No ratings yet
Cihuyy 11221-147-185
39 pages
User Manual-BS08K - 8kW Smart Laser Cutting Head - V3.0 2023-08
No ratings yet
User Manual-BS08K - 8kW Smart Laser Cutting Head - V3.0 2023-08
43 pages
Open Code Intro Session
No ratings yet
Open Code Intro Session
23 pages
FAQ of TeacherRecord (S)
No ratings yet
FAQ of TeacherRecord (S)
3 pages
PLAXIS 2D 2023.2 2D 2 Reference Manual
100% (1)
PLAXIS 2D 2023.2 2D 2 Reference Manual
674 pages
Buod NG Kwentong Sina Thor at Loki Sa Lupain NG Mga Higante PDF
No ratings yet
Buod NG Kwentong Sina Thor at Loki Sa Lupain NG Mga Higante PDF
1 page
Reflective Essay
No ratings yet
Reflective Essay
5 pages
APC Smart-UPS Lithium-Ion Line-Interactive 230V Brochure
No ratings yet
APC Smart-UPS Lithium-Ion Line-Interactive 230V Brochure
12 pages

Alert

Uploaded by

Alert

Uploaded by

4/3/24, 5:42 PM CERT-In Vulnerability Notes

CERT-In Vulnerability Note CIVN-2024-0100

Original Issue Date:April 02, 2024

Severity Rating: HIGH

Apple Safari versions prior to 17.4.1

Apply appropriate updates as mentioned in Apple Security updates:

Indian Computer Emergency Response Team (CERT-In)

You might also like