|CERT-In Vulnerability Note
Memory Corruption vulnerability in Apple iOS 14.7.1 and iPadOS 14.7.1 security updates
Original Issue Date:July 28, 2021
Severity Rating: HIGH
- Apple macOS Big Sur versions prior to 11.5.1
- Apple iOS and iPadOS versions prior to 14.7.1
- iPhone 6s and later,
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later
- iPod touch (7th generation)
- macOS Big Sur
A vulnerability has been reported in Apple iOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code and gain elevated privileges on a targeted system.
This vulnerability exists in IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issue with inadequate memory handling. A remote attacker with kernel privileges can exploit this vulnerability using a maliciously crafted application.
Successful exploitation of these vulnerabilities could allow an attacker to with kernel privileges to execute arbitrary code and gain elevated privileges on a targeted system.
Note: This vulnerability is currently being exploited in the wild, users are advised to apply patches urgently.
Apply appropriate updates as mentioned in Apple Security updates:
The information provided herein is on "as is" basis, without warranty of any kind.
Email: firstname.lastname@example.org Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003