Apple released emergency update to fix zero-day actively exploited

Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the wild.

Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild.

The flaw is a critical memory corruption issue that resides in the IOMobileFrameBuffer, an application can trigger the vulnerability to execute commands on vulnerable devices with kernel privileges.

Apple is aware of attacks in the wild exploiting this flaw, but it avoided sharing details about them.

“An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.” reads the advisory published by the IT giant. “A memory corruption issue was addressed with improved memory handling.”

The CVE-2021-30883 vulnerability was reported by an anonymous researcher. Apple updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

Researchers from BleepingComputer noticed that shortly after the vulnerability was disclosed, the security researcher Saar Amar published an analysis of the zero-day and proof-of-concept exploit for this flaw.

“The POCs I have shown here work all the same on iOS 14.7.1-15.0.1. It’s probably true for much earlier versions as well, but I checked only on 14.7.1-15.0.1. Please note that over different devices/versions, some of the constants may be different. I specifically wrote the devices/versions I tested on, and it looks consistent, but it may be different on older versions. Just for fun, I checked it also on iPhone 11 Pro Max, iOS 15.0, and it worked the same :)” wrote Amar.“

Recently, Apple addressed a long string of zero-day vulnerabilities actively exploited in attacks in the wild:

• September 2021 – One zero-day vulnerability, tracked as CVE-2021-30860, exploited to deploy the NSO Pegasus spyware.
• September 2021 – Two zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858).
• July 2021 – CVE-2021-30807 zero day.

The other zero-day issues fixed by Apple this year are:

CVE

CVE-2021-1782

CVE-2021-1870

CVE-2021-1871

CVE-2021-1879

CVE-2021-30657

CVE-2021-30661

CVE-2021-30663

CVE-2021-30665

CVE-2021-30666

CVE-2021-30713

CVE-2021-30761

CVE-2021-30762

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, zero-day)

[adrotate banner=”5″]

[adrotate banner=”13″]