Apple has released security advisories to address a vulnerability in WebKit. The vulnerability has been assigned with the CVE-2023-23529. It affects multiple devices, including macOS, iPadOS, and iOS. Apple has mentioned in its advisory that they are aware of a report that the CVE-2023-23529 may have been actively exploited. The zero-day vulnerability might be used … Continue reading “Apple Patches Zero-day Vulnerability in WebKit (CVE-2023-23529)”
Tag: iOS
Apple Patches Actively Exploited Zero-day Vulnerability in iOS and iPadOS (CVE-2022-42856)
Apple has released an update to address an actively exploited zero-day vulnerability in WebKit. Tracked as CVE-2022-42856, this is a type confusion vulnerability that could allow arbitrary code execution on a vulnerable device. Clément Lecigne of Google’s Threat Analysis Group has discovered this vulnerability. The advisory says, “This issue may have been actively exploited … Continue reading “Apple Patches Actively Exploited Zero-day Vulnerability in iOS and iPadOS (CVE-2022-42856)”
Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)
Apple has released security updates to patch two zero-day vulnerabilities (CVE-2022-22674 and CVE-2022-22675) exploited by attackers to hack iPhones, iPads, and Macs. Apple revealed active exploitation in the wild but did not provide any other information about the attacks. Withholding this information should allow security patches to reach as many iPhones, iPads, and Macs … Continue reading “Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)”
Apple releases security updates to fix severe vulnerabilities including two zero-day exploits
Apple has released a security update to address various previously exploited vulnerabilities including one exploited in the wild. The security update covers the serious security bugs in macOS and iOS/iPadOS. The first zero-day (CVE-2022-22587) is a memory corruption flaw that a malicious app might use to run arbitrary code with kernel privileges. The vulnerability affects … Continue reading “Apple releases security updates to fix severe vulnerabilities including two zero-day exploits”
Update your devices with Apple’s latest security patches
Apple has been focusing on the security of its devices. One of the most critical actions to keep your Apple product secure is to keep its software up-to-date. Apple has rolled out security updates to older iPhones, iPads, Apple TV, and Watch series. The update consists of: tvOS is 15.1. watchOS is 8.1. macOS is 12.0.1. iOS and iPadOS is 15.1. iOS 14.8.1 and iPadOS 14.8.1 Apple published iOS … Continue reading “Update your devices with Apple’s latest security patches”
Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)
On Monday, Apple released an iPhone security update to fix a major vulnerability that is being exploited in the wild. With the latest patch, the corporation has now resolved a total of 17 zero-days in 2021 – a new high. The vulnerability CVE-2021-30883 involves a memory corruption flaw in the IOMobileFrameBuffer component. This flaw allows an application to run arbitrary … Continue reading “Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)”
Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)
Apple provided security fixes to address a zero-day vulnerability on Thursday. The attackers have used it in the wild to break into iPhones and Macs running older versions of iOS and macOS. Apple has also provided patches for a previously patched security flaw exploited by NSO Group’s Pegasus surveillance tool to target iPhone users. CVE-2021-30869 is a zero-day vulnerability. This is a type-confusion hole in Apple’s … Continue reading “Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)”
Apple Devices Critical Vulnerabilities (CVE-2020-27930, CVE-2020-27950, CVE-2020-27932)
Overview On November 5th, 2020, three iOS zero-day vulnerabilities were patched by Apple, which were exploited in the wild affecting Apple devices such as iPhone, iPad, and iPod. Ben Hawkes from Google Project Zero discovered these flaws that were affecting variants of Apple devices. CVE-2020-27930 (RCE) – An RCE in FontParser library that was triggered … Continue reading “Apple Devices Critical Vulnerabilities (CVE-2020-27930, CVE-2020-27950, CVE-2020-27932)”
Cisco IOS and IOS XE Multiple Vulnerabilities
Multiple vulnerabilities including authorization bypass, DoS, arbitrary code execution and such other critical vulnerabilities were observed in various Cisco IOS and IOS XE devices in September 2020. To this, Cisco published a collated report of all 34 vulnerabilities as an advisory – ERP-74268. In its semi-annual report, published on Sept 24, 2020, Cisco released bundles … Continue reading “Cisco IOS and IOS XE Multiple Vulnerabilities”
Kr00k Wi-Fi Vulnerability (CVE-2019-15126)
Summary: In last week of February,2020, after MSPT, a serious vulnerability in Wi-Fi chips, formally known as CVE-2019-15126., very well known as Kr00K in the wild. Krook was hot topic to be discussed in RSA conference 2020. Description: What is Kr00k? Krook is a vulnerability of the wireless egress packet implementation and processing of certain … Continue reading “Kr00k Wi-Fi Vulnerability (CVE-2019-15126)”