Researchers at Google disclosed details and proof-of-concept exploit codes for 4 out of 5 security vulnerabilities in Apple iOS that could be exploited by attackers to hack Apple devices by sending a specially-crafted message over iMessage. The vulnerabilities required no user interaction to be exploited.
The flaws were reported by Google Project zero white hat hackers Samuel Groß and Natalie Silvanovich. Below the list of the flaws:
Google researchers did not disclose details for one these flaws, tracked as CVE-2019-8641, because the Apple iOS update patch did not completely address the flaw.
Apple addressed the vulnerabilities with the release of the latest iOS 12.4 update.
The other flaw, tracked as CVE-2019-8646, is an out-of-bounds read that can be exploited by a remote attacker to read files stored on the target’s device. The flaw could be exploited by just sending a specially-crafted message via iMessage.
Last week, Silvanovich also released details and a PoC exploit for another out-of-bounds read vulnerability, tracked as CVE-2019-8624, that could be exploited by remote attackers to leak memory and read files from the target devices.
The CVE-2019-8624 flaw resides in Digital Touch component of watchOS and affects Apple Watch Series 1 and later. Apple addressed the flaw with the release of watchOS 5.3.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Apple iOS, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
This website uses cookies.