Apple has released a security update affecting its iOS, iPadOS, macOS, tvOS and watchOS products. The update addresses three zero-day vulnerabilities in WebKit, the browser engine used by Safari and by third-party web browsers on iOS, which are reported to be exploited in the wild. In addition, a further zero-day vulnerability was addressed on older Apple systems that had not received the previously released patch. Successful exploitation could allow attackers to achieve remote code execution (RCE), which could lead to users’ devices being compromised.

______________________________

A. Nature of the Vulnerabilities

Description of the vulnerabilities:

  • CVE-2021-30661, a memory corruption issue that could be exploited to craft malicious web content, which may lead to code execution.
  • CVE-2021-30663, an integer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution.
  • CVE-2021-30665, a memory corruption issue that could be exploited to craft malicious web content, which may lead to code execution.
  • CVE-2021-30666, a buffer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution.

______________________________

B. List of Vulnerable Systems

Vulnerable Apple systems include:

macOS:

  • Big Sur versions prior to 11.3.1

iOS:

  • versions prior to 14.5.1
  • versions prior to 12.5.3

iPadOS

  • versions prior to 14.5.1

watchOS:

  • versions prior to 7.4.1

tvOS:

  • Apple TV 4K
  • Apple TV HD

Affected Apple devices and products per vulnerability are as follows:

Mobile Phone:

  • iPhone 5s
  • iPhone 6 Plus
  • iPhone 6
  • iPhone 6s and later

Media Devices:

  • iPod Touch (6th generation)
  • iPod Touch (7th generation)

Tablet:

  • iPad Pro (all models)
  • iPad Air
  • iPad Air 2 and later
  • iPad 5th generation and later
  • iPad Mini 2
  • iPad Mini 3
  • iPad Mini 4 and later

Wearables:

  • Apple Watch Series 3 and later

______________________________

C. Actions to be Taken

CERT-PH recommends the following actions be taken:

  • Immediately test and apply the corresponding patched versions of the affected Apple products as listed in Apple’s published security advisories.
    • https://support.apple.com/en-us/HT212335
    • https://support.apple.com/en-us/HT212336
    • https://support.apple.com/en-us/HT212339
    • https://support.apple.com/en-us/HT212341
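As an added example (not part of the CERT-PH advisory), the following inventory check flags devices still running versions below the patched releases listed in section B, including the two separate iOS branches (14.5.1 and 12.5.3). The CSV layout, the hostnames and the treatment of major releases newer than those listed are assumptions.

```python
import re
# Minimum patched versions from the advisory, keyed by (platform, major release);
# iOS has two branches: 14.5.1 for current devices, 12.5.3 for older ones.
PATCHED = {
    ("macOS", 11): (11, 3, 1),
    ("iOS", 14): (14, 5, 1),
    ("iOS", 12): (12, 5, 3),
    ("iPadOS", 14): (14, 5, 1),
    ("watchOS", 7): (7, 4, 1),
}

def parse_version(text):
    # '14.5' -> (14, 5, 0); '11.3.1' -> (11, 3, 1)
    parts = [int(p) for p in re.findall(r"\d+", text)]
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple((parts + [0, 0, 0])[:3])

def is_patched(platform, version):
    # True when the fix is present. Majors newer than any listed branch are
    # assumed (an assumption, not an advisory statement) to carry the fix.
    v = parse_version(version)
    majors = [m for p, m in PATCHED if p == platform]
    if not majors:
        raise ValueError(f"unknown platform: {platform!r}")
    if v[0] > max(majors):
        return True
    need = PATCHED.get((platform, v[0]))
    # A branch with no patched build (e.g. iOS 13.x) is still exposed.
    return need is not None and v >= need

def triage(inventory):
    # inventory: 'hostname,platform,version' lines; returns hosts needing the update.
    pending = []
    for line in inventory:
        name, platform, version = (f.strip() for f in line.split(","))
        if not is_patched(platform, version):
            pending.append(name)
    return pending

# Constructed sample inventory (not from the advisory) for a stand-alone run.
SAMPLE = [
    "ceo-iphone,iOS,14.5",
    "lobby-ipad,iPadOS,14.5.1",
    "legacy-iphone6,iOS,12.5.2",
    "dev-mac,macOS,11.3.1",
    "old-ipad,iOS,13.7",
]
if __name__ == "__main__":
    print(triage(SAMPLE))  # → ['ceo-iphone', 'legacy-iphone6', 'old-ipad']
```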