Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
Apple recently released iOS and iPadOS 15.0.2 as an emergency security update that addresses 1 critical zero-day vulnerabilities, which is exploited in wild. Qualys recommends that security teams should immediately update all devices running iOS and iPadOS to the latest version. “Apple is aware of a report that this issue may have been actively exploited,” the company said in security advisories.
This year, Apple has released multiple emergency releases to fix the actively exploited vulnerabilities which Apple is aware of a report that this issue may have been actively exploited. Successful exploitation of the vulnerability allows an application to execute arbitrary code with kernel privileges, and spyware like Pegasus can be easily deployed on affect devices, and exploiting other vulnerabilities, it will get access to a device.
Following are the recent exploits and respective iOS and iPadOS versions in which they have been fixed by Apple since Jan 2021:
CVE-2021-1870, CVE-2021-1871, CVE-2021-1782 – Fixed in iOS and iPadOS 14.4
CVE-2021-1879 – Fixed in iOS and iPadOS 14.4.2
CVE-2021-30761, CVE-2021-30762 – Fixed in iOS 12.5.4
Integer Overflow Vulnerability
Apple released a patch to fix integer overflow critical vulnerability (CVE-2021-30883). This vulnerability has a CVSSv3.1 base score of 8.8 and should be prioritized for patching as successful exploitation of the vulnerability allows a malicious application to execute arbitrary code with kernel privileges. It affects the iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Discover Vulnerabilities and Take Remote Response Action Using VMDR for Mobile Devices
Discover Assets Missing the Latest iOS Security Update
The first step in managing these critical vulnerabilities and reducing risk is to identify the assets. Qualys VMDR for Mobile Devices makes it easy to identify the iOS and iPadOS assets not updated to the latest version iOS and iPadOS 15.0.2. To get the comprehensive visibility of the mobile devices, you need to install Qualys Cloud Agent for Android or iOS/iPadOS on all mobile devices. The device onboarding process is easy, and the inventory of mobile devices is free.
Query: vulnerabilities.vulnerability.title:”iOS 15.0.2″
Once you get the list of assets missing the latest security patch, navigate to the Vulnerability tab. Enter the vulnerabilities.vulnerability.title:”iOS 15.0.2″ and apply the Group By “Vulnerabilities” to get the list of the CVEs that Apple fixes in iOS and iPadOS 15.0.2 release. Qualys VMDR helps you understand what kind of risk you are taking by allowing the unpatched device to hold corporate data and connect to your corporate network.
Also, you can apply the Group By “CVE Ids” to get only the list of CVEs fixed by Apple in iOS and iPadOS 15.0.2 release.
QID 610371 is available in signature version SEM VULNSIGS-188.8.131.52, and there is no dependency on any specific Qualys Cloud Agent version.
With the VMDR for Mobile Devices dashboard, you can track the status of the assets on which the latest security patch and update is missing. The dashboard will be updated with the latest data collected by Qualys Cloud Agent for Android and iOS devices.
Remote Response Action
You can perform the “Send Message” action to inform the end-user to update the devices to the latest OS version. Also, you may provide step-by-step details to update the security patch.
We recommend updating to the latest iOS and iPadOS version for the assets where vulnerabilities are detected as “Confirmed”.
Get Started Now
Qualys VMDR for Mobile Devices is available free for 30 days to help customers detect vulnerabilities, monitor critical device settings, and correlate updates with the correct app versions available on Google Play Store. You can try our solution by registering for the free 30-day service.
This post was first first published on Qualys Security Blog’ website by Swapnil Ahirrao. You can view it by clicking here