Alert GCSA-21103 - Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-09-20)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21103
Data: 21 Settembre 2021
Titolo: Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-09-20)
******************************************************************
:: Descrizione del problema
Sono state identificate vulnerabilita' multiple nei prodotti Apple che potrebbero
essere sfruttate da un attaccanti locali e remoti.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
versioni precedenti a:
iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Furto di identita'
Accesso a informazioni riservate e/o sensibili
:: Soluzione
Aggiornare i software alle ultime versioni
iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows
:: Riferimenti
Apple
https://support.apple.com/HT212814
https://support.apple.com/HT212819
https://support.apple.com/HT212815
https://support.apple.com/HT212818
https://support.apple.com/HT212816
https://support.apple.com/HT212807
https://support.apple.com/HT212804
https://support.apple.com/HT212805
https://support.apple.com/HT212809
https://support.apple.com/HT212817
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30850
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30863
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYUmmvAAKCRDBnEyTZRJg
QjpeAKC5LfYD7PJGvAv5RLWCHERHcRTJQQCfQ1BOmNqbwotkkIT1KeghVsT6XiM=
=xIAs
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21103
Data: 21 Settembre 2021
Titolo: Vulnerabilita' nei prodotti Apple (APPLE-SA-2021-09-20)
******************************************************************
:: Descrizione del problema
Sono state identificate vulnerabilita' multiple nei prodotti Apple che potrebbero
essere sfruttate da un attaccanti locali e remoti.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
versioni precedenti a:
iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Furto di identita'
Accesso a informazioni riservate e/o sensibili
:: Soluzione
Aggiornare i software alle ultime versioni
iOS 15
iPadOS 15
watchOS 8
tvOS 15
Xcode 13
Safari 15
iTunes U 3.8.3
iTunes 12.12 per Windows
:: Riferimenti
Apple
https://support.apple.com/HT212814
https://support.apple.com/HT212819
https://support.apple.com/HT212815
https://support.apple.com/HT212818
https://support.apple.com/HT212816
https://support.apple.com/HT212807
https://support.apple.com/HT212804
https://support.apple.com/HT212805
https://support.apple.com/HT212809
https://support.apple.com/HT212817
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30850
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30863
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYUmmvAAKCRDBnEyTZRJg
QjpeAKC5LfYD7PJGvAv5RLWCHERHcRTJQQCfQ1BOmNqbwotkkIT1KeghVsT6XiM=
=xIAs
-----END PGP SIGNATURE-----