CVE-2019-7287
Published: 2019-12-18
Severity: High, 7.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
CISA Known Exploited Vulnerability (KEV), due 2022-06-13
Exploited in the wild
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | ios | >= unspecified < iOS 12.1.4 | iOS 12.1.4 |
| apple | iphone_os | < 12.1.4 | 12.1.4 |
CVSS provenance
nvd: v3.1, 7.8 HIGH, CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck: 7.8 HIGH
cisa: 7.8 HIGH
GHSA
GHSA-c857-frv5-v87x: A memory corruption issue was addressed with improved input validation
ghsa_unreviewed·2022-05-24
CVE-2019-7287 [HIGH] CWE-787 GHSA-c857-frv5-v87x: A memory corruption issue was addressed with improved input validation
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
Project0
Root Cause Analyses for 0-day In-the-Wild Exploits - Project Zero
project_zero·2020-07-01
CVE-2019-1107 Root Cause Analyses for 0-day In-the-Wild Exploits - Project Zero
Posted by Maddie Stone, Project Zero
When a 0-day is exploited in the wild AND it is detected, we need to use that as an opportunity to learn as much as possible about the vulnerability and the exploit if we hope to make 0-day hard. One of the main methods to do that is to perform a root cause analysis (RCA) on the 0-day.
Our effort on this began in earnest in the last quarter of 2019. Today we are beginning to publish the root cause analyses for 0-days exploited in the wild that we have completed. While we’re publishing some in bulk now to play “catch-up”, in the future we plan to post each one in a timely manner after it’s detected and disclosed. We think publishing technical details in a timely manner is important for transparency and so that the whole of the security community can
Project0
Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019 - Project Zero
project_zero·2020-07-01
CVE-2016-5195 Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019 - Project Zero
Posted by Maddie Stone, Project Zero
In May 2019, Project Zero released our tracking spreadsheet for 0-days used “in the wild” and we started a more focused effort on analyzing and learning from these exploits. This is another way Project Zero is trying to make zero-day hard. This blog post synthesizes many of our efforts and what we’ve seen over the last year. We provide a review of what we can learn from 0-day exploits detected as used in the wild in 2019. In conjunction with this blog post, we are also publishing another blog post today about our root cause analysis work that informed the conclusions in this Year in Review. We are also releasing 8 root cause analyses that we have done for in-the-wild 0-days from 2019.
When I had the idea for this “Year in Review” blog post, I immedi
Project0
A survey of recent iOS kernel exploits - Project Zero
project_zero·2020-06-01
CVE-2016-7644 A survey of recent iOS kernel exploits - Project Zero
Posted by Brandon Azad, Project Zero
I recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.
This post summarizes original iOS kernel exploits from local app context targeting iOS 10 through iOS 13, focusing on the high-level exploit flow from the initial primitive granted by the vulnerability to kernel read/write. At the end of this post, we will briefly look at iOS kernel exploit mitigations (in both hardware and software) and how they map onto the techniques used in the exploits.
This isn't your typical P0 blog post: There is no gripping zero-day exploitation, or novel exploitation research, or thrilling mal
Project0
A very deep dive into iOS Exploit chains found in the wild - Project Zero
project_zero·2019-08-01·CVSS 7.8
CVE-2019-7286 [HIGH] A very deep dive into iOS Exploit chains found in the wild - Project Zero
Posted by Ian Beer, Project Zero
Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report security vulnerabilities, with the ultimate goal of advocating for structural security improvements in popular systems to help protect people everywhere.
Earlier this year Google's Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.
There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.
TAG was able to collect five sepa
VulnCheck
Apple iOS Memory Corruption Vulnerability
vulncheck·2019·CVSS 7.8
CVE-2019-7287 [HIGH] CWE-787 Apple iOS Memory Corruption Vulnerability
Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.
Affected: Apple iOS
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://twitter.com/benhawkes/status/1093581737924259840; https://www.eweek.com/security/apple-patches-facetime-vulnerability-in-ios-macos-updates/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-06-13
Project0
Project Zero RCA: CVE-2019-7286: iOS use-after-free in cfprefsd
project_zero·CVSS 7.8
CVE-2019-7286 [HIGH] Project Zero RCA: CVE-2019-7286: iOS use-after-free in cfprefsd
# CVE-2019-7286: iOS use-after-free in cfprefsd
*Ian Beer, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-07-27)*
## The Basics
**Disclosure or Patch Date:** 7 February 2019
**Product:** Apple iOS
**Advisory:** https://support.apple.com/en-us/HT209520
**Affected Versions:** Exploit targeted iOS 12-12.1
**First Patched Version:** iOS 12.1.4
**Issue/Bug Report:** N/A
**Patch CL:** N/A
**Bug-Introducing CL:** N/A
**Reporter(s):** Clement Lecigne of Google's Threat Analysis Group (TAG), Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher (according to [Apple's release notes](https://support.apple.com/en-us/HT209520))
## The Code
**Proof-of-concept:** N/A
**Exploit sample:** N/A
**Did you have acc
Project0
Project Zero RCA: CVE-2019-7287: iOS Buffer Overflow in ProvInfoIOKitUserClient
project_zero·CVSS 7.8
CVE-2019-7287 [HIGH] Project Zero RCA: CVE-2019-7287: iOS Buffer Overflow in ProvInfoIOKitUserClient
# CVE-2019-7287: iOS Buffer Overflow in ProvInfoIOKitUserClient
*Ian Beer, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-07-27)*
## The Basics
**Disclosure or Patch Date:** 7 February 2019
**Product:** Apple iOS
**Advisory:** https://support.apple.com/en-us/HT209520
**Affected Versions:** iOS 10-12.1.3
**First Patched Version:** iOS 12.1.4
**Issue/Bug Report:** N/A
**Patch CL:** N/A
**Bug-Introducing CL:** N/A
**Reporter(s):** Clement Lecigne of Google's Threat Analysis Group (TAG), Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher (according to [Apple's release notes](https://support.apple.com/en-us/HT209520))
## The Code
**Proof-of-concept:** N/A
**Exploit sample:** N/A
**Did you have ac
CISA
Apple iOS Memory Corruption Vulnerability
cisa·2022-05-23·CVSS 7.8
CVE-2019-7287 [HIGH] CWE-787 Apple iOS Memory Corruption Vulnerability
Vulnerability: Apple iOS Memory Corruption Vulnerability
Affected: Apple iOS
Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-7287
Remediation Due Date: 2022-06-13
Apple
CVE-2019-7287: iOS 12.1.4
vendor_apple·2019-02-07·CVSS 7.8
CVE-2019-7287 [HIGH] CVE-2019-7287: iOS 12.1.4
Apple Security Update: About the security content of iOS 12.1.4
Product: iOS
Version: 12.1.4
CVE: CVE-2019-7287
Component: IOKit
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved input validation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2019-12-18
Added to CISA KEV: 2022-05-23
Exploited in the wild