Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Apple Patches 12 Vulnerabilities in iOS, tvOS, and watchOS

Apple on Monday released security updates for iOS, tvOS, and watchOS platforms to resolve a total of 12 vulnerabilities that impact iPhone, iPad, iPod touch, Apple TV, and Apple Watch devices.

Apple on Monday released security updates for iOS, tvOS, and watchOS platforms to resolve a total of 12 vulnerabilities that impact iPhone, iPad, iPod touch, Apple TV, and Apple Watch devices.

All 12 vulnerabilities were found to impact iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later, and all were addressed with the release of iOS 10.2 this week. Affected components included Accessibility, Accounts, Find My iPhone, Graphics Driver, Image Capture, Local Authentication, Mail, Media Player, Profiles, and SpringBoard.

Tracked as CVE-2016-7626 and impacting Profiles, a memory corruption issue was found to impact not only the aforementioned iOS devices, but also 4th generation Apple TV and all Apple Watch models. The vulnerability could allow an attacker to achieve arbitrary code execution if the user opened a maliciously crafted certificate on a vulnerable device.

For the attack to be successful, the attacker needs a specially crafted certificate that could lead to memory corruption of several processes. The file can be delivered to vulnerable devices through Mobile Safari or Mail app.

The bug was found by Maksymilian Arciemowicz (cxsecurity.com), who explains that the attacker would be able to control the overflow through the certificate length in OCSP field. Thus, they can trigger the crash of Profile, Preferences, or other unexpected behaviors.

While this was the only vulnerability addressed in tvOS 10.1, Apple fixed one more in watchOS 3.1.1, a bug tracked as CVE-2016-7651. Discovered by Ju Zhu and Lilang Wu of Trend Micro, the issue resulted in the authorization settings not being reset upon application uninstall. The flaw impacted iOS devices as well and Apple decided to improve sanitization to address it.

The issues impacting the iOS’ Accessibility could result in a nearby user overhearing spoken passwords (CVE-2016-7634), or in a person with physical access to the iOS device accessing photos and contacts from the lock screen (CVE-2016-7664). A state management issue in the handling of authentication information that resulted in an attacker with an unlocked device being able to disable Find My iPhone (CVE-2016-7638) was addressed as well.

Apple also resolved a graphics driver bug (CVE-2016-7665) that could lead to denial of service when watching a maliciously crafted video, as well as a vulnerability in image capture (CVE-2016-4690) that could allow a malicious HID device cause arbitrary code execution, and a local authentication bug (CVE-2016-7601) where the device would not lock the screen after the idle timeout.

A flaw in mail (CVE-2016-4689) could result in an email signed with a revoked certificate appearing valid, a bug in media player (CVE-2016-7653) could allow a user view photos and contacts from the lockscreen, while SpringBoard vulnerabilities could allow person with physical access to an iOS device unlock the device (CVE-2016-4781) or keep it unlocked (CVE-2016-7597).

Related: Apple Patches Flaws in Xcode, Windows Software

Related: macOS 10.12 Patches Over 60 Vulnerabilities

Related: Apple Patches Spyware-Related Zero-Days in OS X, Safari

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.