Apple Fixed a Zero-day That Actively Exploited in The Wide Against iPhones & Macs

Apple released a security update for the fixes of Zero-day vulnerability that was exploited in wide targeting iPhones and Mac users.

Both of the Vulnerabilities reported by an anonymous researcher and the successful exploitation of these vulnerabilities could lead attackers to execute arbitrary code and take control of the system.


Vulnerability details:

iOS 14.7.1 and iPadOS 14.7.1 – CVE-2021-30807

A Critical memory corruption vulnerability that allows attackers to execute arbitrary code with kernel privileges.

 CVE-2021-30807 is considered as an actively exploited vulnerability and affected the several versions as follows:

iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Apple released a new version iOS 14.7.1 and iPadOS 14.7.1, “Apple is aware of a report that this issue may have been actively exploited,” the company said in security advisories.

macOS Big Sur – CVE-2021-30807

The same critical memory corruption vulnerability in the IOMobileFrameBuffer extension allows attackers that to execute arbitrary code with kernel privileges and Apple is aware of a report that this issue may have been actively exploited.

Apple released a new version of macOS Big Sur 11.5.1 and please note that software update is installed for iOS, iPadOS, tvOS, and watchOS, it cannot be downgraded to the previous version.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.