This vulnerability exists in IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issues with inadequate memory handling. “A remote attacker with kernel privileges can exploit this vulnerability using a maliciously crafted application,” the agency explained.
Not updating to the latest software versions may allow attackers to gain elevated privileges on a targeted system.
Apple had also warned users that this issue may have been actively exploited.
Meanwhile, the new iOS 14.7.1 also fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the ‘Unlock with iPhone’ feature.
(With input from The Times of India)
