The vulnerability was patched by Apple in iOS 12.4, which was released last week.
Apple’s instant messaging service iMessage contains a major security flaw. The bug, which is an out-of-bounds issue, was fixed by Apple in iOS 12.4. However, security researcher Natalie Silvanovich of Google Project Zero came across this flaw in iMessage despite it being patched.
According to Silvanovich, the issue stems from a class called ‘_NSDataFileBackedFuture’ in the application, which could allow files on the iPhone to be read.
Below you can find brief details, links to the security advisory, and PoC exploits for all four vulnerabilities:
- CVE-2019-8647 (RCE via iMessage) — This is a use-after-free vulnerability in the Core Data framework of iOS that can cause arbitrary code execution due to insecure deserialization when the NSArray initWithCoder method is used.
- CVE-2019-8662 (RCE via iMessage) — This flaw is similar to the use-after-free vulnerability above and resides in the QuickLook component of iOS; it can also be triggered remotely via iMessage.
- CVE-2019-8660 (RCE via iMessage) — This is a memory corruption issue that resides in the Core Data framework and Siri component, which, if exploited successfully, could allow remote attackers to cause unexpected application termination or arbitrary code execution.
- CVE-2019-8646 (File Read via iMessage) — This flaw, which also resides in the Siri and Core Data iOS components, could allow an attacker to remotely read the contents of files stored on iOS devices without user interaction, as the user ‘mobile’ with no sandbox.

