Alert GCSA-21103 - Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-09-20)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1






******************************************************************

Alert ID: GCSA-21103
Data: 21 Settembre 2021
Titolo: Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-09-20)

******************************************************************

:: Descrizione del problema

Sono state identificate vulnerabilita' multiple nei prodotti Apple che potrebbero
essere sfruttate da un attaccanti locali e remoti.

Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".


:: Software interessato

versioni precedenti a:

iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows


:: Impatto

Esecuzione remota di codice arbitrario
Denial of Service
Furto di identita'
Accesso a informazioni riservate e/o sensibili


:: Soluzione

Aggiornare i software alle ultime versioni

iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows


:: Riferimenti

Apple
https://support.apple.com/HT212814
https://support.apple.com/HT212819
https://support.apple.com/HT212815
https://support.apple.com/HT212818
https://support.apple.com/HT212816
https://support.apple.com/HT212807
https://support.apple.com/HT212804
https://support.apple.com/HT212805
https://support.apple.com/HT212809
https://support.apple.com/HT212817

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30850
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30863






GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert








-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYUmmvAAKCRDBnEyTZRJg
QjpeAKC5LfYD7PJGvAv5RLWCHERHcRTJQQCfQ1BOmNqbwotkkIT1KeghVsT6XiM=
=xIAs
-----END PGP SIGNATURE-----