Your one-stop web resource providing safety and security information to manufacturers

Apple released AirPort Base Station Firmware Update 7.9.1 to address vulnerabilities in AirPort Extreme and AirPort Time Capsule wireless routers.

A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

RELATED STORIES
Apple Makes Security Fixes
Apple Working on macOS Kernel Fix
Apple Clears FaceTime, Shortcuts Holes
Leveraging Hole in Siri Shortcuts

The vulnerabilities in AirPort Extreme and AirPort Time Capsule base stations with 802.11ac include:
• An out-of-bounds read addressed with improved input validation
• A null pointer dereference addressed with improved input validation
• A denial of service issue addressed with improved validation
• A use after free issue addressed with improved memory management
• A base station factory reset may not delete all user information
• A denial of service issue addressed with improved memory handling
• Source-routed IPv4 packets were disabled by default
• A null pointer dereference addressed with improved input validation

With the various vulnerabilities, a remote attacker may be able to leak memory, cause a system denial of service, cause arbitrary code execution, a base station factory reset may not delete all user information, an attacker in a privileged position may be able to perform a denial of service attack, source-routed IPv4 packets may be unexpectedly accepted.

Schneider Bold

As always, Apple said in its advisory it does not disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.

Pin It on Pinterest

Share This