Apple recently released a series of updates that address several firmware security issues affecting its AirPort base stations.

Released on 30 May, the changes fix eight vulnerabilities that apply to the AirPort Extreme and AirPort Time Capsule base stations with 802.11ac.

Almost half of these bugs concerned denial-of-service (DoS) attacks. Apple fixed one of these security weaknesses, CVE-2019-8588, by using improved input validation to address a null pointer dereference. The tech giant leveraged a similar approach to resolve CVE-2018-6918, a bug which enabled a remote attacker to cause a DoS condition.

The third of these flaws, CVE-2019-7291, allowed a privileged user to perform a denial-of-service attack. Apple addressed this issue by instituting improved memory handling.

The remaining vulnerabilities covered a host of security problems. Two of the weaknesses, CVE-2019-8578 and CVE-2019-8572, made it possible for a remote attacker to produce arbitrary code execution. The iPhone maker fixed the first of these by applying improved memory manage to a use-after-free issue. For the second bug, it leveraged improved input validation to remove a null pointer dereference.

Provided below are descriptions of the remaining security issues and of Apple’s fixes for them:

• CVE-2019-8581: This bug allowed a remote attacker to leak memory. Apple closed the security hole by addressing an out-of-bounds read with improved input validation.
• CVE-2019-8575: The vulnerability revealed that a base station factory reset might not delete all user information. The tech giant fixed this bug with improved data deletion.
• CVE-2019-8580: This gap demonstrated that source-routed IPv4 packets could be unexpectedly accepted. Disabling source-routed IPv4 packets by default solved this weakness.

These security issues highlight the need for organizations to stay on top of all known vulnerabilities that might affect their IT software and hardware. Towards that end, they should consider creating a vulnerability management (Read more...)