Apple has released fixes for several products commonly found in custom home installations, including Apple TV HD and 4K, as well as iPads and iPhones, and one such security vulnerability the tech giant patched has already been exploited by attackers.
The especially dangerous security vulnerability addressed in the recent update is described as a zero-day vulnerability, which means that the issue was previously unknown to Apple and the broader cybersecurity community.
According to Apple, the security vulnerability being exploited, CVE-2024-23222, exists in WebKit the web browser engine used by Safari and other Apple apps.
A successful exploitation allows a hacker to executive arbitrary code on an impacted device, including all models of Apple TV HD and Apple TV 4K, the company says on its support page. This essentially allows an attacker to run any command or code on a vulnerable device. Installing the tvOS17.3 update fixes the issue in Apple TV devices, and iOS 17.3 and iPadOS 17.3 addresses the issue in iPhones and iPads, respectively.
Other affected platforms include certain versions of iOS, IPadOS, MacOS and others.
2024 Lighting Controls and Fixtures Report
Lightapalooza took place in late February, and the growth of the event has mirrored the rapid ascension lighting fixtures and controls.Download your copy now!
Along with all Apple TV models, Apple says the security vulnerability also impacts iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
Although this bug was the only implicated in active attacks, the company also released several other updates to address other security issues, so integrators that install Apple TV devices and use iPads as control interfaces should ensure that their customers get and install these updates.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!