Saturday, February 15, 2025
HomeAppleVulnerability in Apple iMessage Let Hackers Remotely Read Files in iPhone -...

Vulnerability in Apple iMessage Let Hackers Remotely Read Files in iPhone – PoC Released

Published on

SIEM as a Service

Follow Us on Google News

Researchers from Google project Zero disclosed critical bugs that reside in iMessages that allows attackers to read local files in iPhone without any form of user interaction.

Natalie Silvanovich, a security researcher from Google project zero reported 5 different vulnerabilities along with Samuel Groß, another member of her team.

The file read vulnerability can be tracked as CVE-2019-8646 and the researcher described this vulnerability as “The class _NSDataFileBackedFuture can be deserialized even if the secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the [NSData bytes] selector is called”

“This presents two problems. First, it could potentially allow undesired access to local files if the code deserializing the buffer ever shares it (this is more likely to cause problems in components that use serialized objects to communicate locally than in iMessage). Second, it allows an NSData object to be created with a length that is different than the length of its byte array. “

Natalie released a Proof of concept that works on devices with iOS 12 or later and its’s PoC shows leaking memory from a remote device.

Apple Patched this vulnerability in last security update that released on July 22 and the vulnerability affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later.

4 Other Vulnerabilities That Affected iMessage

CVE-2019-8660 – Interactionless memory corruption vulnerability allows an attacker to run arbitrary code remotely in iPhone 5s or later version and also it leads to a remote attacker may be able to cause unexpected application termination or arbitrary code execution.

CVE-2019-8647 – This Core Data interactionless use after free Remote code execution vulnerability allows Remote Attacker to compromise iMessage and crash Springboard with no user interaction in iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later

A use after free issue was addressed by Apple and improved memory management.

CVE-2019-8662 – Similar User-after-free vulnerability resides in the QuickLook component which is loaded into the Springboard process. As such, there might be scenarios in which OfficeImport library is loaded in Springboard, making this bug remotely triggerable via iMessage without any user interaction.

This vulnerability affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later.

CVE-2019-8641- It allows a remote attacker may be able to cause unexpected application termination or arbitrary code execution and the vulnerability PoC is holding until its deadline due to the fix in the advisory did not resolve the vulnerability.

Apple Fixed all the issues in iOS 12.4 released and you can see the Full list here.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

NVIDIA Container Toolkit Vulnerable to Code Execution Attacks

NVIDIA has issued a critical security update to address a high-severity vulnerability discovered in...

Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection

The Apache Software Foundation has disclosed a critical SQL injection vulnerability in its widely...

AMD Ryzen Flaw Enables Code Execution Through DLL Hijacking

A security vulnerability has been identified in the AMD Ryzen™ Master Utility, a performance-tuning tool for AMD Ryzen™...