The version of Apple iOS running on the mobile device is prior to 12.5.5. It is, therefore, affected by multiple vulnerabilities, as follows:
An integer overflow was addressed with improved input validation. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30860)
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)
Incorrect state handling lead to a type confusing issue that allows a malicious application to execute arbitrary code with kernel privileges. (CVE-2021-30869)
Note that Nessus has not tested for these issues but has instead relied only on the applicationโs self-reported version number.
Binary data apple_ios_1255_check.nbin