The version of Apple iOS running on the mobile device is prior to 14.8. It is, therefore, affected by multiple vulnerabilities, including the following:
A use after free issue due to incorrect memory management, which can lead to arbitrary code execution when processing maliciously crafted web content. (CVE-2021-30858)
An integer overflow issue due to insufficient input validation, which can lead to arbitrary code execution when processing a maliciously crafted PDF. (CVE-2021-30860)
Arbitrary code execution when processing a maliciously crafted dfont file. (CVE-2021-30841, CVE-2021-30842, CVE-2021-30843)
Note that Nessus has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
Binary data apple_ios_148_check.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30842
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30843
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30848
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30849
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31010