**Name of the Vulnerable Software and Affected Versions** Apache Tomcat versions 11.0.0-M1 through 11.0.18 Apache Tomcat versions 10.0.0-M1 through 10.1.52 Apache Tomcat versions 9.0.13 through 9.115 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109 **Description** A Padding Oracle issue exists in the `EncryptInterceptor` when using the default configuration, as it utilizes CBC (Cipher Block Chaining) mode. This flaw is related to deficiencies in the error reporting mechanism, which could allow a remote attacker to perform a Padding Oracle attack to gain unauthorized access to protected information. **Recommendations** Upgrade versions 11.0.0-M1 through 11.0.18 to 11.0.19. Upgrade versions 10.0.0-M1 through 10.1.52 to 10.1.53. Upgrade versions 9.0.13 through 9.115 to 9.0.116. At the moment, there is no information about a newer version that contains a fix for Apache Tomcat versions 8.5.38 through 8.5.100 and 7.0.100 through 7.0.109.

**Name of the Vulnerable Software and Affected Versions** AirPlay audio SDK versions prior to 2.7.1 AirPlay video SDK versions prior to 3.6.0.126 CarPlay Communication Plug-in versions prior to R18.1 **Description** A buffer overflow issue was addressed by improving input validation. This could allow an attacker on the local network to cause an unexpected termination of the application. **Recommendations** For AirPlay audio SDK versions prior to 2.7.1, update to version 2.7.1 to resolve the issue. For AirPlay video SDK versions prior to 3.6.0.126, update to version 3.6.0.126 to resolve the issue. For CarPlay Communication Plug-in versions prior to R18.1, update to version R18.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 watchOS versions prior to 11.4 visionOS versions prior to 2.4 **Description** The issue was addressed with improved checks. An attacker on the local network may cause an unexpected app termination. **Recommendations** For macOS versions prior to 15.4, update to macOS Sequoia 15.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5. For iPadOS versions prior to 17.7.6, update to iPadOS 17.7.6. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For watchOS versions prior to 11.4, update to watchOS 11.4. For visionOS versions prior to 2.4, update to visionOS 2.4.

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to 15.4 Apple tvOS versions prior to 18.4 Apple macOS Ventura versions prior to 13.7.5 Apple iPadOS versions prior to 17.7.6 Apple macOS Sonoma versions prior to 14.7.5 Apple iOS versions prior to 18.4 Apple iPadOS versions prior to 18.4 Apple visionOS versions prior to 2.4 **Description** A use-after-free issue exists due to improper memory management. This issue allows a remote attacker to potentially corrupt process memory. The vulnerability is actively exploited and enables zero-click remote code execution via the AirPlay protocol. An attacker on the local network may be able to compromise devices. The vulnerability affects multiple Apple operating systems, including macOS, tvOS, iPadOS, iOS, and visionOS. Exploitation of this issue can lead to malware installation without user interaction and has the potential to spread across networks. A demonstration of the exploit targeting the Apple Music App is available. **Recommendations** Update to macOS version 15.4 or later. Update to tvOS version 18.4 or later. Update to macOS Ventura version 13.7.5 or later. Update to iPadOS version 17.7.6 or later. Update to macOS Sonoma version 14.7.5 or later. Update to iOS version 18.4 or later. Update to iPadOS version 18.4 or later. Update to visionOS version 2.4 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 visionOS versions prior to 2.4 **Description** The issue was addressed with improved checks. An attacker on the local network may cause an unexpected app termination. **Recommendations** For macOS versions prior to 15.4, update to macOS Sequoia 15.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5. For iPadOS versions prior to 17.7.6, update to iPadOS 17.7.6. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For visionOS versions prior to 2.4, update to visionOS 2.4.

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to 15.4 Apple tvOS versions prior to 18.4 Apple macOS Ventura versions prior to 13.7.5 Apple iPadOS versions prior to 17.7.6 Apple macOS Sonoma versions prior to 14.7.5 Apple iOS versions prior to 18.4 Apple visionOS versions prior to 2.4 **Description** An access control issue was identified within the AirPlay Handler component of Apple operating systems. This issue allows an unauthenticated user on the same network as a signed-in device to send AirPlay commands without proper pairing. The issue impacts the confidentiality and integrity of the affected systems. Reports indicate that this issue has been actively exploited, potentially enabling unauthorized access and control. The vulnerability allows for unauthenticated command execution due to an Access Control List bypass. **Recommendations** Update macOS to version 15.4 or later. Update tvOS to version 18.4 or later. Update macOS Ventura to version 13.7.5 or later. Update iPadOS to version 17.7.6 or later. Update macOS Sonoma to version 14.7.5 or later. Update iOS to version 18.4 or later. Update visionOS to version 2.4 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 visionOS versions prior to 2.4 **Description** An attacker on the local network may be able to leak sensitive user information. The issue was addressed by removing the vulnerable code. **Recommendations** For macOS versions prior to 15.4, update to macOS Sequoia 15.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5. For iPadOS versions prior to 17.7.6, update to iPadOS 17.7.6. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For visionOS versions prior to 2.4, update to visionOS 2.4.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 visionOS versions prior to 2.4 **Description** An authentication issue was addressed with improved state management. This issue allows an attacker on the local network to bypass authentication policy. **Recommendations** Update to macOS 15.4 or later. Update to tvOS 18.4 or later. Update to macOS Ventura 13.7.5 or later. Update to iPadOS 17.7.6 or later. Update to macOS Sonoma 14.7.5 or later. Update to iOS 18.4 or later. Update to iPadOS 18.4 or later. Update to visionOS 2.4 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4 tvOS versions prior to 18.4 visionOS versions prior to 2.4 **Description** A null pointer dereference issue was addressed through improved input validation. An attacker on the local network could cause a denial-of-service. **Recommendations** For iOS versions prior to 18.4, update to iOS 18.4 or later. For iPadOS versions prior to 18.4, update to iPadOS 18.4 or later. For macOS Sequoia versions prior to 15.4, update to macOS Sequoia 15.4 or later. For tvOS versions prior to 18.4, update to tvOS 18.4 or later. For visionOS versions prior to 2.4, update to visionOS 2.4 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 visionOS versions prior to 2.4 **Description** A type confusion issue was addressed with improved checks. An attacker on the local network may cause an unexpected app termination. **Recommendations** For macOS Sequoia versions prior to 15.4, update to macOS Sequoia 15.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5. For iPadOS versions prior to 17.7.6, update to iPadOS 17.7.6. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.4, update to iOS 18.4. For iPadOS versions prior to 18.4, update to iPadOS 18.4. For visionOS versions prior to 2.4, update to visionOS 2.4.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.4 tvOS versions prior to 18.4 iPadOS versions prior to 17.7.6 and 18.4 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 watchOS versions prior to 11.4 visionOS versions prior to 2.4 **Description** The issue is related to an integer overflow that was addressed with improved input validation. An attacker on the local network may be able to cause a denial-of-service. **Recommendations** For macOS versions prior to 15.4, update to macOS Sequoia 15.4. For tvOS versions prior to 18.4, update to tvOS 18.4. For iPadOS versions prior to 17.7.6 and 18.4, update to iPadOS 17.7.6 or iPadOS 18.4. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.4, update to iOS 18.4. For watchOS versions prior to 11.4, update to watchOS 11.4. For visionOS versions prior to 2.4, update to visionOS 2.4.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.3 iPadOS versions prior to 18.3 visionOS versions prior to 2.3 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 macOS Sequoia versions prior to 15.3 tvOS versions prior to 18.3 **Description** A null pointer dereference issue was addressed through improved input validation. An attacker on the local network may cause a denial-of-service. **Recommendations** For iOS versions prior to 18.3, update to iOS 18.3 or later. For iPadOS versions prior to 18.3, update to iPadOS 18.3 or later. For visionOS versions prior to 2.3, update to visionOS 2.3 or later. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5 or later. For iPadOS versions prior to 17.7.6, update to iPadOS 17.7.6 or later. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5 or later. For macOS Sequoia versions prior to 15.3, update to macOS Sequoia 15.3 or later. For tvOS versions prior to 18.3, update to tvOS 18.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 **Description** The issue is related to a null pointer dereference in the implementation of AirPlay technology in macOS, iOS, and iPadOS operating systems. This could allow a remote attacker to cause a denial-of-service. **Recommendations** For macOS versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue. For iOS versions prior to 18.3, update to iOS 18.3 to resolve the issue. For iPadOS versions prior to 18.3, update to iPadOS 18.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 tvOS versions prior to 18.3 **Description** A type confusion issue was addressed with improved checks. This issue may allow a remote attacker to cause an unexpected app termination. The vulnerability is related to the AirPlay protocol and can be exploited through the `/getProperty` API endpoint using the `POST` method. Examples of attack outcomes include distracting drivers through image display and playing audio, or potentially actions like eavesdropping on conversations and tracking a vehicle's location. Crashing the AirPlay server creates an opening for a man-in-the-middle attack. **Recommendations** For visionOS versions prior to 2.3, update to version 2.3 or later. For iOS versions prior to 18.3, update to version 18.3 or later. For iPadOS versions prior to 18.3, update to version 18.3 or later. For macOS Sequoia versions prior to 15.3, update to version 15.3 or later. For watchOS versions prior to 11.3, update to version 11.3 or later. For tvOS versions prior to 18.3, update to version 18.3 or later. As a temporary workaround, consider disabling the AirPlay protocol until a patch is available. Restrict access to the `/getProperty` API endpoint to minimize the risk of exploitation. Avoid using the `POST` method for the `/getProperty` command until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 tvOS versions prior to 18.3 **Description** An input validation issue was addressed, which could allow an attacker on the local network to cause unexpected system termination or corrupt process memory. The issue is also related to a buffer overflow vulnerability in the implementation of the AirPlay technology in the affected operating systems, which could be exploited by a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For visionOS versions prior to 2.3, update to visionOS 2.3 to resolve the issue. For iOS versions prior to 18.3, update to iOS 18.3 to resolve the issue. For iPadOS versions prior to 18.3, update to iPadOS 18.3 to resolve the issue. For macOS Sequoia versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue. For watchOS versions prior to 11.3, update to watchOS 11.3 to resolve the issue. For tvOS versions prior to 18.3, update to tvOS 18.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iPadOS versions prior to 17.7.4 macOS Sonoma versions prior to 14.7.3 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 tvOS versions prior to 18.3 **Description** A type confusion issue was addressed with improved checks. This issue may allow a remote attacker to cause an unexpected application termination or arbitrary code execution. **Recommendations** For iPadOS versions prior to 17.7.4, update to iPadOS 17.7.4 or later. For macOS Sonoma versions prior to 14.7.3, update to macOS Sonoma 14.7.3 or later. For visionOS versions prior to 2.3, update to visionOS 2.3 or later. For iOS versions prior to 18.3, update to iOS 18.3 or later. For iPadOS versions prior to 18.3, update to iPadOS 18.3 or later. For macOS Sequoia versions prior to 15.3, update to macOS Sequoia 15.3 or later. For watchOS versions prior to 11.3, update to watchOS 11.3 or later. For tvOS versions prior to 18.3, update to tvOS 18.3 or later.

**Name of the Vulnerable Software and Affected Versions** visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 tvOS versions prior to 18.3 **Description** The issue is related to a buffer overflow in memory due to improper handling of the AirPlay technology implementation in the affected operating systems. An attacker in a privileged position may be able to perform a denial-of-service. The problem was solved by improving memory management. **Recommendations** For visionOS versions prior to 2.3, update to version 2.3 or later. For iOS versions prior to 18.3, update to version 18.3 or later. For iPadOS versions prior to 18.3, update to version 18.3 or later. For macOS Sequoia versions prior to 15.3, update to version 15.3 or later. For watchOS versions prior to 11.3, update to version 11.3 or later. For tvOS versions prior to 18.3, update to version 18.3 or later.

Name of the Vulnerable Software and Affected Versions: Snap One OVRC cloud (affected versions not specified) Description: A vulnerability exists in the Snap One OVRC cloud, allowing an attacker to impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device. This issue is related to the possibility of sending requests to the database without passing the authentication procedure, which can allow a remote attacker to gain unauthorized access to add or remove network devices. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Snap One OVRC cloud (affected versions not specified) Description: The issue concerns the use of MAC addresses as identifiers in the Snap One OVRC cloud, allowing an attacker to impersonate other devices by supplying enumerated MAC addresses and potentially receive sensitive information about the device. This could lead to unauthorized access to protected information. An attacker can exploit this by spoofing MAC addresses due to incorrect handling, enabling remote unauthorized access to sensitive data. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Crestron AM-300 firmware version 1.4499.00018 **Description** The issue is an OS command injection vulnerability that may allow a user with limited-access SSH session to escalate their privileges to root-level access. **Recommendations** For Crestron AM-300 firmware version 1.4499.00018, at the moment, there is no information about a newer version that contains a fix for this vulnerability.