Attackers Exploited Vulnerabilities in Attacks Against iOS and macOS (CVE-2024-23225 & CVE-2024-23296)

Apple has released patches to address multiple vulnerabilities impacting popular products, including iOS and iPadOS. Two of the vulnerabilities, CVE-2024-23225 and CVE-2024-23296, were reportedly exploited in attacks against iOS and macOS. Apple mentioned in the advisory that it is aware of the exploitation of the vulnerabilities.

Apple Patches Actively Exploited Zero-day Vulnerability in macOS Ventura, iOS and iPadOS (CVE-2023-37450)

Apple has released patches for an actively exploited zero-day vulnerability in macOS Ventura, iOS, and iPadOS. Apple has mentioned in the advisory that they are aware of the issue being exploited. The vulnerability, CVE-2023-37450, was reported by an anonymous researcher. CISA has added the zero-day vulnerability to its Known Exploited Vulnerabilities Catalog and recommended users … Continue reading “Apple Patches Actively Exploited Zero-day Vulnerability in macOS Ventura, iOS and iPadOS (CVE-2023-37450)”

Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)

Apple has released security updates to patch two zero-day vulnerabilities (CVE-2022-22674 and CVE-2022-22675) exploited by attackers to hack iPhones, iPads, and Macs. Apple revealed active exploitation in the wild but did not provide any other information about the attacks.     Withholding this information should allow security patches to reach as many iPhones, iPads, and Macs … Continue reading “Apple Releases Emergency Updates for Two Zero-Day Vulnerabilities (CVE-2022-22674 & CVE-2022-22675)”

Apple macOS Finder Remote Code Execution Zero-Day Vulnerability

A zero-day security flaw in Apple’s macOS Finder system has been detected. This vulnerability allows remote attackers to fool users into running arbitrary commands. Zero-day vulnerabilities are defects that have been publicly published but have not yet been patched by the vendor. These vulnerabilities are sometimes actively exploited by attackers or have publicly available proof-of-concept exploits. … Continue reading “Apple macOS Finder Remote Code Execution Zero-Day Vulnerability”

Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)

Apple provided security fixes to address a zero-day vulnerability on Thursday. The attackers have used it in the wild to break into iPhones and Macs running older versions of iOS and macOS. Apple has also provided patches for a previously patched security flaw exploited by NSO Group’s Pegasus surveillance tool to target iPhone users.  CVE-2021-30869 is a zero-day vulnerability. This is a type-confusion hole in Apple’s … Continue reading “Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)”

Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)

Update June 5, 2020: Qualys’ standard procedure is to give proper credit to the security research teams working diligently to discover and report vulnerabilities. In our rush to deliver this article to customers, we missed giving credit to the talented Cisco Talos team, who are the original authors of this research. After additional review with a … Continue reading “Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)”

MacOS Catalina memory leakage vulnerability (CVE-2020-3847)

Summary: This time an out-of-bounds read vulnerability was observed in in macOS Catalina 10.15.3. that leads to memory leakage vulnerability. Description: The Vulnerability involved in this exploit is in the processing code of SDP (Service Discovery Protocol) data frames. This section briefly introduces the SDP frame, as follows: Image Source: 360 The first byte PDU … Continue reading “MacOS Catalina memory leakage vulnerability (CVE-2020-3847)”

Kr00k Wi-Fi Vulnerability (CVE-2019-15126)

Summary: In last week of February,2020, after MSPT, a serious vulnerability in Wi-Fi chips, formally known as CVE-2019-15126., very well known as Kr00K in the wild. Krook was hot topic to be discussed in RSA conference 2020. Description: What is Kr00k? Krook is a vulnerability  of the wireless egress packet implementation and processing of certain … Continue reading “Kr00k Wi-Fi Vulnerability (CVE-2019-15126)”

PWFeedback Buffer Overflow Vulnerability in Sudo (CVE-2019-18634)

Summary: ‘sudo’ utility allows non-privileged Linux and macOS users to run commands as Root was discovered in recent days, tracked as CVE-2019-18634. Description: A core command utility that is pre-installed on macOS and almost every UNIX or Linux-based operating system, well-known as “Sudo” Sudo’s pwfeedback option can be used to provide visual feedback when the … Continue reading “PWFeedback Buffer Overflow Vulnerability in Sudo (CVE-2019-18634)”

Out-of-Order Execution Side-Channel attack [Spectre/Meltdown]

A flaw in Out-of-Order execution mechanism allows user level programs to leak addresses of kernel and process memory space. This vulnerability can be exploited to bypass KASLR as well as CPU security features like SMAP,SMEP,NX and PXN. It can be exploited to bypass OS process isolation. The issue affects processors from Intel, AMD ,ARM, Samsung and … Continue reading “Out-of-Order Execution Side-Channel attack [Spectre/Meltdown]”