Thursday November 21, 2024

Advisory ID: NCC-CSIRT-0303-012

Summary:  Trellix a security firm published some flaws with iOS 16.3 and macOS 13.2. The firm says they are a part of a new class of bugs that can allow attackers to bypass code signing on macOS and iOS systems.  The Vulnerability allows an attacker to execute arbitrary code out of its sandbox or with certain elevated privileges. It also allows a remote user to bypass protections set by Apple and access a user’s personal information.

Vulnerable Platform(s): Apple  Operating Systems

Threat Type:  

  • Vulnerability

Product :   Apple Products ( iPhone, iPad and Mac Models)

Version:   iOS 16.3 and mac OS 13.2

Description:  The Security research firm Trellix discovered two security flaws on the mobile and desktop operating systems of Apple. Trellix discovered that the security fixes by Apple could be bypassed by a remote user and reported the flaws to Apple.  The Flaw allows a remote user to bypass protections set by Apple and access a user’s personal information, as well as their camera, microphone, and call history. Apple allegedly used a protocol called NSPredicateVisitor to strengthen the security of its NSPredicate tool, which developers use to filter code. An attacker could use the vulnerability to bypass the sandbox that prevents an app from accessing data from other apps on the device, as well as sensitive or private information. This can include messages, call logs, photos, location data, and smartphone hardware such as the camera and microphone. 

Consquences:  A hacker could gain access to sensitive information (calendar, address book, Camera, call history, Microphone, photos), install arbitrary applications, or spy on users.

Impact/Probability: HIGH/HIGH

Solution : 

Update your devices to the latest version of iOS and macOS.

References: