The version of Apple iOS running on the mobile device is prior to 12.5.4. It is, therefore, affected by multiple vulnerabilities:
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. Processing a maliciously crafted certificate may lead to arbitrary code execution. (CVE-2021-30737)
A memory corruption issue was addressed with improved state management. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
(CVE-2021-30761)
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
(CVE-2021-30762)
Note that Nessus has not tested for this issue but has instead relied only on the applicationβs self-reported version number.
Binary data apple_ios_1254_check.nbin