Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild.
The flaw is a critical memory corruption issue that resides in the IOMobileFrameBuffer, an application can trigger the vulnerability to execute commands on vulnerable devices with kernel privileges.
Apple is aware of attacks in the wild exploiting this flaw, but it avoided sharing details about them.
“An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.” reads the advisory published by the IT giant. “A memory corruption issue was addressed with improved memory handling.”
The CVE-2021-30883 vulnerability was reported by an anonymous researcher. Apple updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Researchers from BleepingComputer noticed that shortly after the vulnerability was disclosed, the security researcher Saar Amar published an analysis of the zero-day and proof-of-concept exploit for this flaw.
“The POCs I have shown here work all the same on iOS 14.7.1-15.0.1. It’s probably true for much earlier versions as well, but I checked only on 14.7.1-15.0.1. Please note that over different devices/versions, some of the constants may be different. I specifically wrote the devices/versions I tested on, and it looks consistent, but it may be different on older versions. Just for fun, I checked it also on iPhone 11 Pro Max, iOS 15.0, and it worked the same :)” wrote Amar.“
Recently, Apple addressed a long string of zero-day vulnerabilities actively exploited in attacks in the wild:
The other zero-day issues fixed by Apple this year are:
CVE |
CVE-2021-1782 |
CVE-2021-1870 |
CVE-2021-1871 |
CVE-2021-1879 |
CVE-2021-30657 |
CVE-2021-30661 |
CVE-2021-30663 |
CVE-2021-30665 |
CVE-2021-30666 |
CVE-2021-30713 |
CVE-2021-30761 |
CVE-2021-30762 |
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, zero-day)
[adrotate banner=”5″]
[adrotate banner=”13″]