15 June 2021

Apple fixes two iOS zero-days exploited in the wild


Apple fixes two iOS zero-days exploited in the wild

Apple has released security updates to patch three high-risk vulnerabilities in its iOS operating system, with two of the bugs being zero-day vulnerabilities that the Cupertino-based company says are being exploited in the wild.

The zero-days in question are CVE-2021-30761 and CVE-2021-30762. Both bugs affect the WebKit component in Apple iOS and allow remote code execution.

CVE-2021-30761 is a buffer overflow issue, which exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

CVE-2021-30762 is a use-after-free vulnerability, which exists due to a boundary error when processing HTML content within the WebKit component in Apple iOS. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.

In addition, Apple has also patched CVE-2021-30737, which is a buffer overflow bug in ASN.1 decoder. The vulnerability exists due to a boundary error in the ASN.1 decoder when processing TLS certificates. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption with a specially crafted TLS certificate and execute arbitrary code on the system.

The iOS 12.5.4 update is intended for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). All users are advised to update their devices as soon as possible.


Back to the list

Latest Posts

NSA publishes guidance on how to secure wireless devices in public settings

NSA publishes guidance on how to secure wireless devices in public settings

The agency advises to avoid connecting to public Wi-Fi, and use a corporate or personal Wi-Fi hotspot with strong authentication and encryption whenever possible.
30 July 2021
Death Kitty ransomware reportedly behind the attack on South African ports

Death Kitty ransomware reportedly behind the attack on South African ports

The attackers claim they encrypted the company’s files, including 1TB of personal data, financial reports and other documents.
30 July 2021
New destructive wiper malware linked to recent Iranian railway attack

New destructive wiper malware linked to recent Iranian railway attack

The Meteor wiper was developed in the past three years and seems to be designed for reuse in multiple campaigns.
30 July 2021