—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256<\/p>\n
APPLE-SA-07-29-2024-7 watchOS 10.6<\/p>\n
watchOS 10.6 addresses the following issues.
Information about the security content is also available at
https:\/\/support.apple.com\/HT214124.<\/p>\n
Apple maintains a Security Releases page at
https:\/\/support.apple.com\/HT201222 which lists recent
software updates with security advisories.<\/p>\n
AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: A downgrade issue was addressed with additional code-
signing restrictions.
CVE-2024-40774: Mickey Jin (@patch1t)<\/p>\n
CoreGraphics
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds read issue was addressed with improved
input validation.
CVE-2024-40799: D4m0n<\/p>\n
dyld
Available for: Apple Watch Series 4 and later
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: A race condition was addressed with additional validation.
CVE-2024-40815: w0wbox<\/p>\n
Family Sharing
Available for: Apple Watch Series 4 and later
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved data protection.
CVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing an image may lead to a denial-of-service
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2023-6277
CVE-2023-52356<\/p>\n
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds read issue was addressed with improved
input validation.
CVE-2024-40806: Yisumi<\/p>\n
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-40777: Junsung Lee working with Trend Micro Zero Day
Initiative, Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter
Adversary Operations<\/p>\n
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An integer overflow was addressed with improved input
validation.
CVE-2024-40784: Junsung Lee working with Trend Micro Zero Day Initiative
and Gandalf4a<\/p>\n
Kernel
Available for: Apple Watch Series 4 and later
Impact: A local attacker may be able to determine kernel memory layout
Description: An information disclosure issue was addressed with improved
private data redaction for log entries.
CVE-2024-27863: CertiK SkyFall Team<\/p>\n
Kernel
Available for: Apple Watch Series 4 and later
Impact: A local attacker may be able to cause unexpected system shutdown
Description: A type confusion issue was addressed with improved memory
handling.
CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University<\/p>\n
libxpc
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-40805<\/p>\n
Phone
Available for: Apple Watch Series 4 and later
Impact: An attacker with physical access may be able to use Siri to
access sensitive user data
Description: A lock screen issue was addressed with improved state
management.
CVE-2024-40813: Jacob Braun<\/p>\n
Sandbox
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed through improved state management.
CVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog) and
Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong<\/p>\n
Shortcuts
Available for: Apple Watch Series 4 and later
Impact: A shortcut may be able to use sensitive data with certain
actions without prompting the user
Description: A logic issue was addressed with improved checks.
CVE-2024-40835: an anonymous researcher
CVE-2024-40836: an anonymous researcher<\/p>\n
Shortcuts
Available for: Apple Watch Series 4 and later
Impact: A shortcut may be able to bypass Internet permission
requirements
Description: A logic issue was addressed with improved checks.
CVE-2024-40809: an anonymous researcher
CVE-2024-40812: an anonymous researcher<\/p>\n
Shortcuts
Available for: Apple Watch Series 4 and later
Impact: A shortcut may be able to bypass Internet permission
requirements
Description: This issue was addressed by adding an additional prompt for
user consent.
CVE-2024-40787: an anonymous researcher<\/p>\n
Shortcuts
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-40793: Kirin (@Pwnrin)<\/p>\n
Siri
Available for: Apple Watch Series 4 and later
Impact: An attacker with physical access may be able to use Siri to
access sensitive user data
Description: This issue was addressed by restricting options offered on
a locked device.
CVE-2024-40818: Bistrit Dahal and Srijan Poudel<\/p>\n
Siri
Available for: Apple Watch Series 4 and later
Impact: An attacker with physical access to a device may be able to
access contacts from the lock screen
Description: This issue was addressed by restricting options offered on
a locked device.
CVE-2024-40822: Srijan Poudel<\/p>\n
VoiceOver
Available for: Apple Watch Series 4 and later
Impact: An attacker may be able to view restricted content from the lock
screen
Description: The issue was addressed with improved checks.
CVE-2024-40829: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain
College of Technology Bhopal India<\/p>\n
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 273176
CVE-2024-40776: Huang Xilin of Ant Group Light-Year Security Lab
WebKit Bugzilla: 268770
CVE-2024-40782: Maksymilian Motyl<\/p>\n
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: An out-of-bounds read was addressed with improved bounds
checking.
WebKit Bugzilla: 275431
CVE-2024-40779: Huang Xilin of Ant Group Light-Year Security Lab
WebKit Bugzilla: 275273
CVE-2024-40780: Huang Xilin of Ant Group Light-Year Security Lab<\/p>\n
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to a cross
site scripting attack
Description: This issue was addressed with improved checks.
WebKit Bugzilla: 273805
CVE-2024-40785: Johan Carlsson (joaxcar)<\/p>\n
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-40789: Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with
Trend Micro Zero Day Initiative<\/p>\n
Additional recognition<\/p>\n
Shortcuts
We would like to acknowledge an anonymous researcher for their
assistance.<\/p>\n
Instructions on how to update your Apple Watch software are available
at https:\/\/support.apple.com\/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
“My Watch > General > About”. Alternatively, on your watch, select
“My Watch > General > About”.
All information is also posted on the Apple Security Releases
web site: https:\/\/support.apple.com\/HT201222.<\/p>\n
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https:\/\/www.apple.com\/support\/security\/pgp\/
—–BEGIN PGP SIGNATURE—–<\/p>\n
iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmaoICUACgkQX+5d1TXa
IvoXBQ\/+K5v4MYwo1Lr0ZOzH2g2WI2cuYrXSeos2rbmgHLyriF6TlW8FnwHMBF4c
1yqOp5vmv7hfkYUHXdIlLX7VUCdYSSu+FAPVjykogqTTa09dsMRMK1mu8MulXxPO
eSvWdEF8HrPe7Aw45jHIxxilJC50TRDZbIl1HWO4w0qi6G2dNwnQwCLC2BkiqXp7
7t60Ou9HdILroG3xUUl+EUM+RN7rcqfJ6pkPWmgNUdT31mln7jb++RXzsS00d6ee
HEH96qVAlEq8A5LQmNmpru8MatI0l5sr1qtfb\/prY0A10lCUb8IwCeDL1v13RAlN
\/7WWD5sLqM4yhvQKgN956Bmn9ggfzB+BsOORl6Eei6w\/QRi\/caZEC9yty9ylHJqJ
65ApHnhgEtCul\/uvlzCnVJbZJZBMZYTaVeRftDAp49FH8sBlLyPka4ym\/aeOnU76
tP7GcDVkmK7oDeCqNuSM0XPxBI7zc2CZ5aZq0y+OBfLWWo0kBORkksyDWylhk0cD
wAzyyFt0oUgYH7bwpu4pRE5b3ZcaUzt6hCruRCKC+m28sMQ9bkqfuzCResZ+CCHS
Lf0wg1wI+4AjAcIEEZ13A7v8tKoC0PHr1ByJe7LXSTTdxkiOOHmkhD+Iy6\/Xyc+4
zRBKwUtbmniB+aHFqU3Qp0eDTFlNAg01lN15BH6pLKwfXD0ERIk=
=MEx2
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"
—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA256 APPLE-SA-07-29-2024-7 watchOS 10.6 watchOS 10.6 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/HT214124. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/HT201222 which lists recentsoftware updates with security advisories. AppleMobileFileIntegrityAvailable for: Apple Watch Series 4 and laterImpact: An app may be able to bypass Privacy preferencesDescription: A downgrade …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-58533","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=58533"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58533\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=58533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=58533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=58533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}