Apple Patches Zero-Days in iOS, Known Vuln in macOS

  /     /     /  
Publicated : 23/11/2024   Category : security


Apple Patches Zero-Days in iOS, Known Vuln in macOS


One of the iOS vulnerabilities was discovered by Citizen Lab; the Google Threat Analysis Group reported iOS and macOS flaws.



Apple today released security updates for three vulnerabilities in iOS and one flaw in macOS Catalina. Two of the iOS flaws may have been actively exploited, while exploits for the third iOS bug and macOS flaw exist in the wild.
iOS is affected by CVE-2021-30860, a vulnerability in CoreGraphics that could lead to arbitrary code execution if a maliciously crafted PDF is processed. Apple is aware of reports that the flaw, discovered by Citizen Lab, may have been actively exploited.
WebKit vulnerability CVE-2021-30858 may lead to arbitrary code execution if maliciously crafted Web content is processed. Reports indicate this may have also been actively exploited.
CVE-2021-30869 exists in XNU, which is part of the Darwin operating system used in macOS and iOS. If exploited, the vulnerability could allow a malicious application to execute arbitrary code with kernel privileges. The flaw was discovered by Erye Hernandez and Clément Lecigne of Googles Threat Analysis Group, along with Ian Beer of Googles Project Zero. This flaw also exists in macOS Catalina.
Security updates are available in iOS 12.5.5 and Security Update 2021-006 Catalina.
Read more in Apples
iOS
and
macOS
updates.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Apple Patches Zero-Days in iOS, Known Vuln in macOS