Apple has released security advisories and patches for multiple products, including Safari, iOS and macOS.
Two vulnerabilities were associated with Safari 13.0.5, CVE-2020-3833 and CVE-2020-3841, effecting macOS Mojave and High Sierra and included in Catalina. CVE-2020-3833 covers an inconsistent user interface issue that could be exploited if a user visited a malicious website leading to address bar spoofing. The second flaw could allow a local user to unknowingly send an unencrypted password over the network.
There were 23 security issues with iOS 13.3.1 and iPadOS 13.3.1 covering the iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation. A memory corruption issue was addressed with improved memory handling that could have led to an attacker being able to execute arbitrary code. In Facetime an issue existed the handling of the local user's self-view that if exploited could have caused the local user's camera self-view to display the incorrect camera.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.