News of a fresh software vulnerability that is being publicly exploited has emerged. The software vulnerability concerns mobile device software, specifically the operating systems of the iPhone and the iPad. Apple, a brand that needs no introduction, is regarded as the minimalist, sleek prince of the tech world that is encapsulated within impenetrable crystal walls. However, there have already been a few software exploits related to Apple’s products that are being publicly exploited in the wild, meaning that these are very serious security issues that threaten the security of the countless iPhones and iPads out there.
This time, news of a zero-day privilege escalation software vulnerability affecting iOS (the iPhone OS) and iPad OS (the iPad OS) is circulating on the internet. The software vulnerability, when exploited by malicious threat actors, can lead to the execution of arbitrary code via a malicious application method. Thus, this can lead to the compromise of a vulnerable system’s security and integrity.
High-Risk Privilege Escalation Software Vulnerability
On October 11th, 2021 a report was posted on Apple’s support portal detailing a high-risk software vulnerability. According to The Cybersecurity & Infrastructure Security Agency (CISA), this vulnerability (CVE-2021-30883) “has been detected in exploits in the wild.”
A Deeper Look
More in-depth technical details reveal that this is an Integer overflow type vulnerability that allows a malicious application to escalate privileges on the system. The vulnerability exists due to a boundary error within the IOMobileFrameBuffer subsystem. Moreover, a malicious application can trigger an integer overflow and execute arbitrary code with kernel privileges. The most important information for users is that the vulnerability is being actively exploited in the wild.
The IOMobileFrameBuffer/AppleCLCD is a vulnerable attack surface, that according to security researchers Saar Amar is “accessible from the app sandbox (so it’s great for jailbreaks) and many other processes, making it a good candidate for LPEs exploits in chains (WebContent, etc.).”
Which Software Versions Are Vulnerable?
Users should note that the following software versions of Apple iOS and iPadOS are vulnerable;
Apple iOS: 14.0 18A373, 14.0.1 18A393, 14.1 18A8395, 14.2 18B92, 14.2 18B111, 14.2.1 18B121, 14.3 18C66, 14.4 18D52, 14.4.1 18D61, 14.4.2 18D70, 14.5 18E199, 14.5.1 18E212, 14.6 18F72, 14.7 18G69, 14.7.1 18G82, 14.8 18H17, 15.0 19A346
iPadOS: 14.0 18A373, 14.0.1 18A393, 14.1 18A8395, 14.2 18B92, 14.2 18B111, 14.3 18C66, 14.4
18D52, 14.4.1 18D61, 14.4.2 18D70, 14.5 18E199, 14.5.1 18E212, 14.6 18F72, 14.7 18G69, 14.7
18G70, 14.7.1 18G82, 14.8 18H17, 15.0 19A346
Update Information For iPhone and iPad Users
According to the U.S.’s CISA, “CISA encourages users to review the Apple security page for iOS 15.0.2 and iPad OS 15.0.2 and apply the necessary updates as soon as possible.” The good news is that these updates have been released for both iOS and iPad OS. The corresponding updates, iOS 15.0.2 and iPad OS 15.0.2 close the security gaps. In order to stay safe from any exploited software vulnerabilities, users should immediately ensure that their devices have been updated to the above versions by searching for ‘Software Update’ on their devices.
The released updates are available for iPhone 6s and later, as well as all models of iPad Air2, iPad Pro, and later, plus the 5th generation iPad and later models. Furthermore, iPad mini 4 and later models as well as the 7th generation iPod touch are covered as well.