Multiple vulnerabilities in Apple iOS

Published: 2019-02-08 09:25:46 | Updated: 2019-02-11
Severity High
Patch available YES
Number of vulnerabilities 4
CVE ID CVE-2019-7287
CVE-2019-7286
CVE-2019-7288
CVE-2019-6223
CVSSv3 8.4 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
7.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
6.4 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
4.9 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CWE ID CWE-119
CWE-264
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Vulnerability #2 is being exploited in the wild.
Vulnerable software Apple iOS
Vulnerable software versions Apple iOS 12.1.2
Apple iOS 12.1.3
Apple iOS 12.1.1

Show more

Vendor URL Apple Inc.

Security Advisory

1) Privilege escalation

Description

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a boundary error in the IOKit component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Note: according to Ben Hawkes, team leader at Project Zero, the vulnerability has been exploited in the wild as 0day.

Remediation

Update to versions 12.1.4.

External links

https://support.apple.com/en-us/HT209520

2) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a boundary error in the Foundation component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.

Note: according to Ben Hawkes, team leader at Project Zero, the vulnerability has been exploited in the wild as 0day.

Remediation

Update to versions 12.1.4.

External links

https://support.apple.com/en-us/HT209520
https://twitter.com/benhawkes?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E10935817379242598...

3) Security restrictions bypass

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to improper validation on the FaceTime server. A remote attacker can cause an error in Live Photos in FaceTime and bypass security restrictions.

Remediation

Update to versions 12.1.4.

External links

https://support.apple.com/en-us/HT209520

4) Security restrictions bypass

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to a logic issue in the handling of Group FaceTime calls. A remote attacker who is the initiator of a Group FaceTime call can cause the recipient to answer.

Remediation

Update to versions 12.1.4.

External links

https://support.apple.com/en-us/HT209520

Back to List