Apple Releases Updates to Actively Exploited iOS and iPadOS Vulnerability - Hexafusion Blog | Hexafusion


The vulnerability allows arbitrary code execution with kernel-level permissions and appears to be actively leveraged by threat actors. A software update should be performed ASAP.

Background

Apple has released an emergency update to iOS and iPadOS, impacting iPhones and iPads. It patches a severe memory corruption vulnerability, CVE-2021-30883.

It is essential that iPhones and iPads be updated ASAP, as Apple warns they have evidence of active exploitation in the wild.

Vulnerability details

The update patches CVE-2021-30883, a memory corruption vulnerability within IOMobileFrameBuffer that can allow an application to execute arbitrary code with kernel-level permissions.

The kernel is the underlying core program that supports the higher-level operating system you use on a day-to-day basis. Because the kernel is the mechanism that defines file system permissions, code running in it is more permissive and powerful than a normal administrative account, as it can circumvent the permissions layer entirely.

While Apple is notoriously tight-lipped about details of their security vulnerabilities, Bleeping Computer mentions that a Proof of Concept (PoC) exploit has been made available by security researchers who reverse engineered the patch.

Mitigations

The Apple advisory states that the following devices are impacted:

  • iPhone 6s and later

  • iPad Pro (all models)

  • iPad Air 2 and later

  • iPad 5th generation and later

  • iPad mini 4 and later

  • iPod touch (7th generation)


It’s recommended you update potentially impacted devices to iOS 15.0.2 or iPadOS 15.0.2.
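One way to find devices in a fleet that are still below the fixed release, as an added example that is not part of the original post: it reads a device inventory as CSV and flags every iOS or iPadOS device below 15.0.2, comparing versions numerically rather than as strings. The CSV column names and all sample rows (including the version strings) are constructed assumptions, not a real MDM export format.

```python
import csv
import io

FIXED = (15, 0, 2)  # fixed release named in the advisory: iOS / iPadOS 15.0.2

# Constructed sample rows; the column names are assumptions, not a real MDM export format.
SAMPLE_INVENTORY = """\
device,os,os_version
exec-iphone-12,iOS,15.0.2
sales-iphone-8,iOS,15.0.1
lab-ipad-air-2,iPadOS,14.8
kiosk-ipad-mini-4,iPadOS,15.0
dev-iphone-13,iOS,15.1
test-ipod-touch-7,iOS,15.0.10
mac-mini-build,macOS,11.6
unknown-ipad,iPadOS,
"""

def parse_version(text):
    """Turn '15.0' into (15, 0, 0); return None if the string is not a dotted number."""
    parts = text.strip().split(".")
    if len(parts) > 3 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

def needs_update(inventory_csv):
    """Return (device, reason) for each iOS/iPadOS device below the fixed release."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["os"].strip().lower() not in ("ios", "ipados"):
            continue  # the advisory on this page covers iOS and iPadOS only
        version = parse_version(row["os_version"])
        if version is None:
            # Missing or unparseable version: report it so the device gets checked by hand.
            findings.append((row["device"], "version unknown"))
        elif version < FIXED:
            # Tuple comparison is numeric, so 15.0.10 sorts above 15.0.2 (strings would not).
            findings.append((row["device"], "running " + row["os_version"]))
    return findings

if __name__ == "__main__":
    for device, reason in needs_update(SAMPLE_INVENTORY):
        print(f"UPDATE NEEDED: {device} ({reason})")
```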

Resources

Official Apple Security Advisory
https://support.apple.com/en-us/HT212846

Bleeping Computer Article
https://www.bleepingcomputer.com/news/security/emergency-apple-ios-1502-update-fixes-zero-day-used-in-attacks/

NVD entry
https://nvd.nist.gov/vuln/detail/CVE-2021-30883
