Kernel Component Remote Code Execution (RCE) VulnerabilityĪpple released a patch to fix a critical RCE vulnerability (CVE-2021-1851). It affects iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). This vulnerability has a CVSSv3 base score of 7.8 and should be prioritized for patching as a malicious application may be able to gain root privileges. Foundation Local Privilege Escalation VulnerabilityĪpple released a patch to fix a local privilege escalation critical vulnerability (CVE-2021-1813). This vulnerability has a CVSSv3 base score of 8.8 and should be prioritized for patching as a remote attacker may be able to cause unexpected system termination or corrupt kernel memory. WebRTC Remote Code Execution (RCE) VulnerabilityĪpple released a patch to fix an RCE critical vulnerability (CVE-2020-7463). Apple device users will benefit from the additional protection provided by these enhancements.Ī Qualys detection (QID) is now available to identify devices missing this latest version. Zero-click exploits allow a hacker to take over an iPhone with no interaction from the target, as evidenced by this zero-click attack reported in December 2020. As part of the releases, Apple has also made major enhancements related to zero-click (or 0-click) exploit protection that make it more difficult for hackers to take control of an iPhone. The vulnerabilities affect iOS and iPadOS components including Accessibility, CFNetwork, CoreFoundation, FaceTime, Safari, ImageIO, Kernel, Preferences, Safari, WebKit, and others. Qualys recommends security teams to immediately update all devices running iOS and iPadOS to the latest version. Apple recently released iOS 14.5 and iPadOS 14.5 which include a security update that addresses almost 50 vulnerabilities including several critical RCE and privilege escalation vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |