Apple released emergency update to fix zero-day actively exploited

Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the wild.

Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild.

The flaw is a critical memory corruption issue that resides in the IOMobileFrameBuffer, an application can trigger the vulnerability to execute commands on vulnerable devices with kernel privileges.

Apple is aware of attacks in the wild exploiting this flaw, but it avoided sharing details about them.

“An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.” reads the advisory published by the IT giant. “A memory corruption issue was addressed with improved memory handling.”

The CVE-2021-30883 vulnerability was reported by an anonymous researcher. Apple updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

Researchers from BleepingComputer noticed that shortly after the vulnerability was disclosed, the security researcher Saar Amar published an analysis of the zero-day and proof-of-concept exploit for this flaw.

“The POCs I have shown here work all the same on iOS 14.7.1-15.0.1. It’s probably true for much earlier versions as well, but I checked only on 14.7.1-15.0.1. Please note that over different devices/versions, some of the constants may be different. I specifically wrote the devices/versions I tested on, and it looks consistent, but it may be different on older versions. Just for fun, I checked it also on iPhone 11 Pro Max, iOS 15.0, and it worked the same :)” wrote Amar.

So, another IOMFB vulnerability was exploited ITW (15.0.2). I bindiffed the patch and built a POC. And, because it’s a great bug, I just finished writing a short blogpost with the tech details, to share this knowledge Check it out! https://t.co/bWWbNl8RC7 pic.twitter.com/GqzCcMIcum

— Saar Amar (@AmarSaar) October 11, 2021

Recently, Apple addressed a long string of zero-day vulnerabilities actively exploited in attacks in the wild:

September 2021 – One zero-day vulnerability, tracked as CVE-2021-30860, exploited to deploy the NSO Pegasus spyware.September 2021 – Two zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858).July 2021 – CVE-2021-30807 zero day.

The other zero-day issues fixed by Apple this year are:

CVECVE-2021-1782CVE-2021-1870CVE-2021-1871CVE-2021-1879CVE-2021-30657CVE-2021-30661CVE-2021-30663CVE-2021-30665CVE-2021-30666CVE-2021-30713CVE-2021-30761CVE-2021-30762

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, zero-day)

The post Apple released emergency update to fix zero-day actively exploited appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt