Apple Security Updates (AL01/240730/CSIRT-ITA)

Summary

Apple has released security updates to address multiple vulnerabilities in its products.

Note: The vendor states that CVE-2024-23296 is being actively exploited in the wild.

Risk

Estimated impact of the vulnerability on the reference community: HIGH/ORANGE (72.56/100) [1].

Type

  • Arbitrary code execution
  • Arbitrary File Read/Write
  • Authentication Bypass
  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Security Restrictions Bypass
  • Spoofing

Affected products and versions

Apple

  • iOS 17.x, prior to 17.6
  • iOS 16.x, prior to 16.7.9
  • iPadOS 17.x, prior to 17.6
  • iPadOS 16.x, prior to 16.7.9
  • macOS Sonoma, prior to 14.6
  • macOS Ventura, prior to 13.6.8
  • macOS Monterey, prior to 12.7.6
  • Safari, prior to 17.6
  • tvOS, prior to 17.6
  • watchOS, prior to 10.6
  • visionOS, prior to 1.3

Mitigation Actions

In line with vendor statements, we recommend patching according to the guidance in the security bulletins, available in the References section.
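
As an added example (not part of the bulletin or of any Apple tooling), a device inventory can be triaged against the fixed versions listed under "Affected products and versions". The inventory format, host names and function names are constructed for illustration; the macOS name-to-major mapping (Sonoma 14, Ventura 13, Monterey 12) is added here.

```python
# Fixed versions from the bulletin's "Affected products and versions" list.
# macOS majors: Sonoma = 14, Ventura = 13, Monterey = 12.
BRANCHED = {
    "iOS": {17: "17.6", 16: "16.7.9"},
    "iPadOS": {17: "17.6", 16: "16.7.9"},
    "macOS": {14: "14.6", 13: "13.6.8", 12: "12.7.6"},
}
# Products the bulletin lists with a single fixed version and no branch.
UNBRANCHED = {"Safari": "17.6", "tvOS": "17.6", "watchOS": "10.6", "visionOS": "1.3"}


def parse(version):
    """'17.5.1' or '17.5.1 (build)' -> (17, 5, 1), padded to three parts."""
    parts = tuple(int(p) for p in version.split()[0].split("."))
    return parts + (0,) * (3 - len(parts))


def status(product, version):
    """Return 'affected', 'patched' or 'not-listed' for one installed version."""
    installed = parse(version)
    if product in UNBRANCHED:
        fixed = UNBRANCHED[product]
    else:
        # A branch the bulletin does not name (e.g. iOS 15.x) is reported
        # separately instead of being guessed as safe or vulnerable.
        fixed = BRANCHED.get(product, {}).get(installed[0])
        if fixed is None:
            return "not-listed"
    return "affected" if installed < parse(fixed) else "patched"


def triage(inventory):
    """inventory: iterable of (host, product, version) -> hosts needing action."""
    return [(h, p, v, s) for h, p, v in inventory
            if (s := status(p, v)) != "patched"]


# Constructed sample inventory (hypothetical host names).
SAMPLE = [
    ("phone-01", "iOS", "17.5.1"),
    ("phone-02", "iOS", "16.7.9"),
    ("phone-03", "iOS", "15.8.2"),
    ("mac-01", "macOS", "13.6.7"),
    ("mac-02", "macOS", "14.6"),
    ("watch-01", "watchOS", "10.5"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(*row)
```

Devices reported as "not-listed" run a branch the bulletin does not name and need a separate review against the vendor bulletins in the References section.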

Unique Vulnerability Identifiers

CVE-IDs
CVE-2024-40817  CVE-2024-40776  CVE-2024-40782  CVE-2024-40779
CVE-2024-40780  CVE-2024-40785  CVE-2024-40789  CVE-2024-4558
CVE-2024-40794  CVE-2024-40774  CVE-2024-40799  CVE-2024-27873
CVE-2024-40815  CVE-2024-40795  CVE-2023-6277  CVE-2023-52356
CVE-2024-40806  CVE-2024-40777  CVE-2024-40784  CVE-2024-27863
CVE-2024-40788  CVE-2024-40805  CVE-2024-40813  CVE-2024-40778
CVE-2024-40824  CVE-2024-27871  CVE-2024-40835  CVE-2024-40836
CVE-2024-40809  CVE-2024-40812  CVE-2024-40787  CVE-2024-40793
CVE-2024-40786  CVE-2024-40818  CVE-2024-40822  CVE-2024-40829
CVE-2024-40796  CVE-2024-40798  CVE-2024-40833  CVE-2024-40804
CVE-2023-38709  CVE-2024-24795  CVE-2024-27316  CVE-2024-40783
CVE-2024-40814  CVE-2024-40775  CVE-2024-27877  CVE-2024-27878
CVE-2024-2004  CVE-2024-2379  CVE-2024-2398  CVE-2024-2466
CVE-2024-40827  CVE-2024-40816  CVE-2024-40803  CVE-2024-40832
CVE-2024-6387  CVE-2024-40781  CVE-2024-40802  CVE-2024-40823
CVE-2024-27882  CVE-2024-27883  CVE-2024-40800  CVE-2023-27952
CVE-2024-27881  CVE-2024-40821  CVE-2024-27872  CVE-2024-27862
CVE-2024-40807  CVE-2024-40834  CVE-2024-40828  CVE-2024-40811
CVE-2024-27826  CVE-2024-23261  CVE-2024-23296  CVE-2024-27804
CVE-2024-27823

References

https://support.apple.com/en-us/HT201222

https://support.apple.com/it-it/HT214121

https://support.apple.com/it-it/HT214117

https://support.apple.com/it-it/HT214116

https://support.apple.com/it-it/HT214119

https://support.apple.com/it-it/HT214120

https://support.apple.com/it-it/HT214118

https://support.apple.com/it-it/HT214124

https://support.apple.com/it-it/HT214122

https://support.apple.com/it-it/HT214123

[1] This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
