Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.'
- Alexander Culafi, News Writer
Apple patched a zero-day vulnerability in iOS 15.0.2 on Monday that enabled remote code execution with kernel privileges.
The iOS vulnerability, CVE-2021-30883, impacts kernel extension IOMobileFrameBuffer. Apple described the flaw in its security advisory as a memory corruption issue and said it "may have been actively exploited."
Apple said in the advisory that the newly patched bug impacts "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)." The post said that the company has received "a report" of exploitation but did not elaborate further.
SearchSecurity asked Apple how widespread the exploitation was, but ...
Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE