It has been reported that tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Paul Bischoff
Paul Bischoff , Privacy Advocate
InfoSec Expert
October 26, 2022 11:49 am

Apple has been tight-lipped about the vulnerability, but any zero-day should be cause for concern, especially if it’s being exploited in the wild. If an attacker is able to write out of bounds, they could cause system crashes or execute arbitrary code in the kernel, which has high-level privileges. A lack of bounds checking commonly leads to buffer overflow attacks and off-by-one errors.

Last edited 1 month ago by Paul Bischoff
1
0
Would love your thoughts, please comment.x
()
x