[CIVN-2022-0480] Multiple Vulnerabilities in Apple iCloud for Windows

Severity Rating: HIGH

Software Affected

Apple iCloud for Windows versions prior to 14.1

Overview

Multiple vulnerabilities have been reported in Apple iCloud for Windows which could allow an attacker to disclose sensitive information, execute arbitrary code or bypass security restrictions on the targeted system.

Description

These vulnerabilities exist in Apple iCloud for Windows due to an out-of-bound write issue in ImageIO and logic issue in the WebKit component. An attacker could exploit these vulnerabilities by executing a specially crafted application.

Successful exploitation of these vulnerabilities could allow the attacker to disclose sensitive information, execute arbitrary code or bypass security restrictions on the target system.

Solution

Apply appropriate patches as mentioned in the Apple Security Updates

Vendor Information

Apple

https://support.apple.com/en-us/HT213538

References

Apple

https://support.apple.com/en-us/HT213538

CVE Name

CVE-2022-46693

CVE-2022-46692

CVE-2022-46698

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

[CIVN-2022-0480] Multiple Vulnerabilities in Apple iCloud for Windows

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive