Pierluigi Paganini
January 26, 2022
Apple has released security updates to address a couple of zero-day vulnerabilities, one of them being actively exploited in the wild by threat actors to compromise iPhone and Mac devices.
One of the zero-day flaws addressed by the IT giant, tracked as CVE-2022-22587, is a memory corruption issue that resides in the IOMobileFrameBuffer and affects iOS, iPadOS, and macOS Monterey.
The exploitation of this flaw leads to arbitrary code execution with kernel privileges on compromised devices.
“A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.” reads the security advisory published by Apple.
The company addressed the flaw by improving input validation. The vulnerability impacts iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Apple acknowledged an anonymous researcher, Meysam Firouzi (@R00tkitSMM) of MBition – Mercedes-Benz Innovation Lab, and Siddharth Aeri (@b1n4r1b01) for having reported this flaw.
“actively exploited” – Achievement Unlocked 💀
— binaryboy (@b1n4r1b01) January 26, 2022
Btw I already posted the poc for this one on 1st January pic.twitter.com/3nmEvgnyPZ
The second zero-day vulnerability, tracked as CVE-2022-22594, is a Safari WebKit issue that impacts iOS and iPadOS. Due to this flaw, a website could track user browsing activity and identities in real-time.
“A cross-origin issue in the IndexDB API was addressed with improved input validation.” reads the advisory. “A website may be able to track sensitive user information”
This vulnerability impacts iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
The bug was first reported to Apple by Martin Bajanik of FingerprintJS on November 28th and apple addressed it with the release of iOS 15.3 and iPadOS 15.3 security update.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, zero-day)
[adrotate banner=”5″]
[adrotate banner=”13″]
