Au début du mois, Apple proposait une mise à jour de sécurité firmware numérotée 7.9.1 pour ses bornes Airport et Time Capsule 802.11ac, c’est au tour du matériel répondant à la norme 802.11n d’être mis à jour en avec une mise à jour de sécurité firmware estampillée version 7.8.1.
Tous les matériels de nos clients couverts par nos contrats de sauvegarde / sécurité ont été mis à jour sans délai.
Pour rappel, Apple ne commercialise plus de système Time Capsule ou AirPort et a fortiori de cette norme veillissante 802.11n, Ex Calibra peut vous proposer d’excellentes solutions éprouvées avec les NAS Synology pour assurer les sauvegardes TimeMachine ou réseau sans fil maillé Mesh pour tout besoin en couverture étendue de réseau WiFi…
AirPort Base Station Firmware Update 7.8.1
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019–8581: Lucio Albornoz
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to cause a system denial of service
Description: A null pointer dereference was addressed with improved input validation.
CVE-2019–8588: Vince Cali (@0x56)
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to cause arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2019–8578: Maxime Villard
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to cause a system denial of service
Description: A denial of service issue was addressed with improved validation.
CVE-2018–6918: Maxime Villard
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A base station factory reset may not delete all user information
Description: The issue was addressed with improved data deletion.
CVE-2019–8575: joshua stein
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: An attacker in a privileged position may be able to perform a denial of service attack
Description: A denial of service issue was addressed with improved memory handling.
CVE-2019–7291: Maxime Villard
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: Source-routed IPv4 packets may be unexpectedly accepted
Description: Source-routed IPv4 packets were disabled by default.
CVE-2019–8580: Maxime Villard
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to cause arbitrary code execution
Description: A null pointer dereference was addressed with improved input validation.
CVE-2019–8572: Maxime Villard