Update

An integrity issue was addressed with Beacon Protection & other Fixes

iOS 18 and iPadOS 18 Security Update
Released September 16, 2024

Accessibility

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker with physical access may be able to use Siri to access sensitive user data
  • Description: This issue was addressed through improved state management.
  • CVE-2024-40840: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India

Accessibility

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to enumerate a user's installed apps
  • Description: This issue was addressed with improved data protection.
  • CVE-2024-40830: Chloe Surett

Accessibility

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44171: Jake Derouin

Accessibility

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker may be able to see recent photos without authentication in Assistive Access
  • Description: This issue was addressed by restricting options offered on a locked device.
  • CVE-2024-40852: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India

Cellular

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: A remote attacker may be able to cause a denial-of-service
  • Description: This issue was addressed through improved state management.
  • CVE-2024-27874: Tuan D. Hoang

Compression

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files
  • Description: A race condition was addressed with improved locking.
  • CVE-2024-27876: Snoolie Keffaber (@0xilis)

Control Center

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to record the screen without an indicator
  • Description: The issue was addressed with improved checks.
  • CVE-2024-27869: an anonymous researcher

Core Bluetooth

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: A malicious Bluetooth input device may bypass pairing
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44124: Daniele Antonioli

FileProvider

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to access sensitive user data
  • Description: This issue was addressed with improved validation of symlinks.
  • CVE-2024-44131: @08Tc3wBB of Jamf

Game Center

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to access user-sensitive data
  • Description: A file access issue was addressed with improved input validation.
  • CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Processing a maliciously crafted file may lead to unexpected app termination
  • Description: An out-of-bounds read issue was addressed with improved input validation.
  • CVE-2024-27880: Junsung Lee

ImageIO

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Processing an image may lead to a denial-of-service
  • Description: An out-of-bounds access issue was addressed with improved bounds checking.
  • CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero Day Initiative and an anonymous researcher

IOSurfaceAccelerator

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to cause unexpected system termination
  • Description: The issue was addressed with improved memory handling.
  • CVE-2024-44169: Antonio Zekić

Kernel

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Network traffic may leak outside a VPN tunnel
  • Description: A logic issue was addressed with improved checks.
  • CVE-2024-44165: Andrew Lytvynov

Kernel

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may gain unauthorized access to Bluetooth
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef

libxml2

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Processing maliciously crafted web content may lead to an unexpected process crash
  • Description: An integer overflow was addressed through improved input validation.
  • CVE-2024-44198: OSS-Fuzz, Ned Williamson of Google Project Zero

Mail Accounts

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to access information about a user's contacts
  • Description: A privacy issue was addressed with improved private data redaction for log entries.
  • CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)

mDNSResponder

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to cause a denial-of-service
  • Description: A logic error was addressed with improved error handling.
  • CVE-2024-44183: Olivier Levon

Model I/O

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Processing a maliciously crafted image may lead to a denial-of-service
  • Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
  • CVE-2023-5841

NetworkExtension

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may gain unauthorized access to Local Network
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44147: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef

Notes

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to overwrite arbitrary files
  • Description: This issue was addressed by removing the vulnerable code.
  • CVE-2024-44167: ajajfxhj

Printing

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An unencrypted document may be written to a temporary file when using print preview
  • Description: A privacy issue was addressed with improved handling of files.
  • CVE-2024-40826: an anonymous researcher

Safari Private Browsing

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Private Browsing tabs may be accessed without authentication
  • Description: An authentication issue was addressed with improved state management.
  • CVE-2024-44202: Kenneth Chew

Safari Private Browsing

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Private Browsing tabs may be accessed without authentication
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44127: Anamika Adhikari

Sandbox

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to leak sensitive user information
  • Description: This issue was addressed with improved data protection.
  • CVE-2024-40863: Csaba Fitzl (@theevilbit) of Offensive Security

Siri

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker with physical access may be able to access contacts from the lock screen
  • Description: The issue was addressed with improved checks.
  • CVE-2024-44139: Srijan Poudel
  • CVE-2024-44180: Bistrit Dahal

Siri

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to access user-sensitive data
  • Description: A privacy issue was addressed by moving sensitive data to a more secure location.
  • CVE-2024-44170: K宝, LFY (@secsys), Smi1e, yulige, Cristian Dinca (icmd.tech), Rodolphe BRUNETTI (@eisw0lf)

Transparency

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An app may be able to access user-sensitive data
  • Description: A permissions issue was addressed with additional restrictions.
  • CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)

UIKit

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker may be able to cause unexpected app termination
  • Description: The issue was addressed with improved bounds checks.
  • CVE-2024-27879: Justin Cohen

WebKit

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: Processing maliciously crafted web content may lead to universal cross site scripting
  • Description: This issue was addressed through improved state management.
  • WebKit Bugzilla: 268724
  • CVE-2024-40857: Ron Masas

WebKit

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: A malicious website may exfiltrate data cross-origin
  • Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins.
  • WebKit Bugzilla: 279452
  • CVE-2024-44187: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)

Wi-Fi

  • Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • Impact: An attacker may be able to force a device to disconnect from a secure network
  • Description: An integrity issue was addressed with Beacon Protection.
  • CVE-2024-40856: Domien Schepers
Version: iOS 18