SB2019020801 - Multiple vulnerabilities in Apple iOS

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Privilege escalation (CVE-ID: CVE-2019-7287)

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a boundary error in the IOKit component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Note: according to Ben Hawkes, team leader at Project Zero, the vulnerability has been exploited in the wild as 0day.

2) Memory corruption (CVE-ID: CVE-2019-7286)

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to a boundary error in the Foundation component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.

Note: according to Ben Hawkes, team leader at Project Zero, the vulnerability has been exploited in the wild as 0day.

3) Security restrictions bypass (CVE-ID: CVE-2019-7288)

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to improper validation on the FaceTime server. A remote attacker can cause an error in Live Photos in FaceTime and bypass security restrictions.

4) Security restrictions bypass (CVE-ID: CVE-2019-6223)

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to a logic issue in the handling of Group FaceTime calls. A remote attacker who is the initiator of a Group FaceTime call can cause the recipient to answer.

Remediation

Install update from vendor's website.

References

• https://support.apple.com/en-us/HT209520
• https://twitter.com/benhawkes?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E10935817379242598...