Alert GCSA-21116 - Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-10-26)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-21116
Data: 27 Ottobre 2021
Titolo: Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-10-26)

******************************************************************

:: Descrizione del problema

Sono state identificate vulnerabilita' multiple nei prodotti Apple che
potrebbero
essere sfruttate da un attaccanti locali e remoti.

Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".


:: Software interessato

versioni precedenti a:

iOS 14.8.1
iOS 15.1
iPadOS 14.8.1
iPadOS 15.1
tvOS 15.1
watchOS 8.1
macOS Catalina Security Update 2021-007
macOS Big Sur 11.6.1


:: Impatto

Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Elusione delle restrizioni di sicurezza
Accesso a informazioni riservate e/o sensibili
Cross-Site Scripting


:: Soluzione

Aggiornare i software alle ultime versioni

iOS 14.8.1
iOS 15.1
iPadOS 14.8.1
iPadOS 15.1
tvOS 15.1
watchOS 8.1
macOS Catalina Security Update 2021-007
macOS Big Sur 11.6.1


:: Riferimenti

Apple
https://support.apple.com/en-us/HT212867
https://support.apple.com/en-us/HT212868
https://support.apple.com/en-us/HT212871
https://support.apple.com/en-us/HT212872
https://support.apple.com/en-us/HT212874
https://support.apple.com/en-us/HT212876

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30821
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30877
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30879
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30888
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30889
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30890
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30892
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30895
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30901
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30906
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30908
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30910
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30915
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30917
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30920



GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iD8DBQFheQP/wZxMk2USYEIRAtQ0AJ4rSXon0sdUUWhMdgojq8Oivt6a5QCdEKjh
Uda0ss/PepDQvEUC8bOAW10=
=GF05
-----END PGP SIGNATURE-----