A Vulnerability in Apple iOS Could Allow for Arbitrary Code Execution

A Vulnerability in Apple iOS Could Allow for Arbitrary Code Execution

MS-ISAC ADVISORY NUMBER:

2019-0085

DATE(S) ISSUED:

08/27/2019

OVERVIEW:

A vulnerability has been discovered in Apple iOS, which could allow for arbitrary code execution. Apple iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch. Successful exploitation of this vulnerability could result in arbitrary code execution with system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

THREAT INTELLIGENCE:

There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

  • • iOS versions prior to 12.4.1

RISK:

Government:

  • Large and medium government entities: HIGH
  • Small government entities: MEDIUM

Businesses:

  • Large and medium business entities: HIGH
  • Small business entities: MEDIUM

Home Users:

HIGH

TECHNICAL SUMMARY:

A vulnerability has been discovered in Apple iOS, which if exploited could allow for arbitrary code execution with system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability exists due to a use-after-free error. Specifically, this issue occurs due to stale pointer left by ‘in6_pcbdetach()’ function.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate patches provided by Apple to vulnerable systems immediately after appropriate testing.
  • Remind users not to download, accept, or execute files from un-trusted or unknown sources.
  • Remind users not to visit untrusted websites or follow links provided by unknown or un-trusted sources.

REFERENCES: