Friday, March 29, 2024

Vulnerability in Apple iMessage Let Hackers Remotely Read Files in iPhone – PoC Released

Researchers from Google project Zero disclosed critical bugs that reside in iMessages that allows attackers to read local files in iPhone without any form of user interaction.

Natalie Silvanovich, a security researcher from Google project zero reported 5 different vulnerabilities along with Samuel Groß, another member of her team.

The file read vulnerability can be tracked as CVE-2019-8646 and the researcher described this vulnerability as “The class _NSDataFileBackedFuture can be deserialized even if the secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the [NSData bytes] selector is called”

“This presents two problems. First, it could potentially allow undesired access to local files if the code deserializing the buffer ever shares it (this is more likely to cause problems in components that use serialized objects to communicate locally than in iMessage). Second, it allows an NSData object to be created with a length that is different than the length of its byte array. “

Natalie released a Proof of concept that works on devices with iOS 12 or later and its’s PoC shows leaking memory from a remote device.

Apple Patched this vulnerability in last security update that released on July 22 and the vulnerability affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later.

4 Other Vulnerabilities That Affected iMessage

CVE-2019-8660 – Interactionless memory corruption vulnerability allows an attacker to run arbitrary code remotely in iPhone 5s or later version and also it leads to a remote attacker may be able to cause unexpected application termination or arbitrary code execution.

CVE-2019-8647 – This Core Data interactionless use after free Remote code execution vulnerability allows Remote Attacker to compromise iMessage and crash Springboard with no user interaction in iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later

A use after free issue was addressed by Apple and improved memory management.

CVE-2019-8662 – Similar User-after-free vulnerability resides in the QuickLook component which is loaded into the Springboard process. As such, there might be scenarios in which OfficeImport library is loaded in Springboard, making this bug remotely triggerable via iMessage without any user interaction.

This vulnerability affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later.

CVE-2019-8641- It allows a remote attacker may be able to cause unexpected application termination or arbitrary code execution and the vulnerability PoC is holding until its deadline due to the fix in the advisory did not resolve the vulnerability.

Apple Fixed all the issues in iOS 12.4 released and you can see the Full list here.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles