EUVD-2020-20388

Malware in sbrugna...

CVE-2021-30994

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2020-27895

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs...

CVE-2020-9846

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2020-9846

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

Code injection

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2020-9846

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2020-9846

CVE-2020-9846 affects Apple macOS Monterey prior to 12.0.1. Description shows a logic/state-management issue that could allow a malicious application to access local users’ Apple IDs. Apple released a fix in macOS Monterey 12.0.1 (per the initial doc). Remediation: update to macOS Monterey 12.0.1...

CVE-2021-30994

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2021-30994

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

Design/Logic Flaw

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2021-30994

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs...

CVE-2021-30994

CVE-2021-30994 is an Apple macOS Monterey 12.0.1 vulnerability. The Apple advisory states an access issue with improved access restrictions that could allow a malicious application to access local users’ Apple IDs. The CVE is documented in Apple’s security content for macOS Monterey 12.0.1 and in...

CVE-2020-27895

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs...

Information disclosure

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs...

CVE-2020-27895

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs...

CVE-2020-27895

CVE-2020-27895 is an information-disclosure issue in the transition of program state that is addressed in iTunes 12.11 for Windows. The Apple security content describes a local-access impact where a malicious application may be able to read local user Apple IDs, tied to a broader set of Windows S...

About the security content of iTunes 12.11 for Windows

About the security content of iTunes 12.11 for Windows This document describes the security content of iTunes 12.11 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

Rotten Apples: Resurgence

In June 2016, we published a blog about a phishing campaign targeting the Apple IDs and passwords of Chinese Apple users that emerged in the first quarter of 2016 referred to as the “Zycode” phishing campaign. At FireEye Labs we have an automated system designed to proactively detect newly...

CVE-2016-4722

The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors...