Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)

On Monday, Apple released an iPhone security update to fix a major vulnerability that is being exploited in the wild. With the latest patch, the corporation has now resolved a total of 17 zero-days in 2021  a new high. 
 
The vulnerability CVE-2021-30883 involves a memory corruption flaw in the IOMobileFrameBuffer component. This flaw allows an application to run arbitrary code with kernel privileges. Apple stated that they are aware of a report that this issue may have been actively exploited while citing an unnamed researcher as the source of the vulnerability. 
 
To allow most users to apply the fix and prevent additional adversaries from weaponizing the vulnerability, technical details about the issue and the nature of the assaults, as well as the identity of the threat actor, are still unknown. The iPhone maker said that it has addressed the issue by improving memory management. 

Affected versions

  • iPad Air 2 and later 
  • iPhone 6s and later 
  • iPad Pro (all models) 
  • iPad mini 4 and later 
  • iPod touch (7th generation) 
  • iPad 5th generation and later

Mitigation  
To mitigate this security issue, Apple iPhone and iPad owners are advised to update to the latest version (iOS 15.0.2 and iPadOS 15.0.2). For more information, please refer to Apple advisory.

Qualys Detection  
Qualys customers can scan their devices with QID 610371 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage on the latest vulnerabilities.

References 
https://support.apple.com/en-us/HT212846  
https://saaramar.github.io/IOMFB_integer_overflow_poc/  
https://therecord.media/apple-patches-iphone-zero-day-in-ios-15-0-2/  
https://thehackernews.com/2021/10/apple-releases-urgent-iphone-and-ipad.html  
https://www.bleepingcomputer.com/news/security/emergency-apple-ios-1502-update-fixes-zero-day-used-in-attacks/  

Leave a Reply

Your email address will not be published. Required fields are marked *