Digital Tbucket Tank (DTT)

Vulnerabilities in Apple devices. Criminals are already taking advantage of them

Apple has patches for three Zero-day vulnerabilities Released in the iPhone, iPad and Apple TV operating systems. Cyber ​​criminals actively exploited vulnerabilities in iOS, iPadOS and tvOS. They have been patched with version 14.4 of all the systems mentioned.

Image source: Pixabay

The CVE-2021-1782 vulnerability allowed malicious applications to elevate their rights. This is a vulnerability caused by a race condition. Such vulnerabilities occur when a program allows multiple operations to be carried out simultaneously and the result depends on the correct order in which they are executed. Criminals can disrupt the job and exploit the weak point. CVE-2021-1871 and CVE-2021-1870 are in the WebKit browser engine available for iPadOS and iOS. The vulnerabilities allow attackers to execute arbitrary code. The vulnerabilities exist in iPhone 6s and newer, iPad Air 2 and newer, iPad mini 4 and newer, iPod touch 7th generation, Apple TV 4K and Apple TV HD. The manufacturer declined to say how many devices fell victim to the cyber criminals.