Multiple vulnerabilities in Apple iPadOS



Published: 2019-12-18 | Updated: 2020-07-17
Risk Medium
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2019-8786
CVE-2019-8788
CVE-2019-8789
CVE-2019-8793
CVE-2019-8794
CVE-2019-8795
CVE-2019-8797
CVE-2019-8798
CVE-2019-8803
CWE-ID CWE-119
CWE-20
CWE-59
CWE-613
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
iPadOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU30531

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8786

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722
http://support.apple.com/HT210723
http://support.apple.com/HT210724


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU30532

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8788

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Link following

EUVDB-ID: #VU30533

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8789

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU30534

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8793

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU30535

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8794

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722
http://support.apple.com/HT210723
http://support.apple.com/HT210724


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

EUVDB-ID: #VU30536

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8795

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210723


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU30537

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8797

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722
http://support.apple.com/HT210723
http://support.apple.com/HT210724


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

EUVDB-ID: #VU30538

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8798

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722
http://support.apple.com/HT210723
http://support.apple.com/HT210724


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Insufficient Session Expiration

EUVDB-ID: #VU30539

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-8803

CWE-ID: CWE-613 - Insufficient Session Expiration

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials..

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 13.1.1 - 13.1.3

External links

http://support.apple.com/HT210721
http://support.apple.com/HT210722
http://support.apple.com/HT210723
http://support.apple.com/HT210724


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###