The version of Apple iOS running on the mobile device is prior to 15.2. It is, therefore, affected by multiple vulnerabilities, including the following:
Memory corruption issues exist in the processing of ICC profiles due to insufficient input validation.
This may lead to arbitrary code execution. (CVE-2021-30926, CVE-2021-30942)
A buffer overflow issue exists when processing a maliciously crafted audio file. This may lead to arbitrary code execution. (CVE-2021-30957)
An out-of-bounds read exists when playing a malicious audio file which may lead to arbitrary code execution. (CVE-2021-30958)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
Binary data apple_ios_152_check.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30937
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30939
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30945
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30949
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30951
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30953
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30967
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30968
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30971
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30973
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30980
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30984
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30996
support.apple.com/en-us/HT212976