Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
The risk for government entities is:
- Large and medium government entities: High
- Small government entities: Medium
- Systems Affected
Versions prior to iOS 17.4 and iPadOS 17.4
iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Versions prior to iOS 16.7.6 and iPadOS 16.7.6
iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
Click here to read the full details of this NJCCIC Advisory.