Lucene search
K

148 matches found

OSV
OSV
added 2024/12/24 7:15 p.m.1 views

DEBIAN-CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

6.7CVSS6.2AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 11:15 p.m.6 views

CVE-2024-27862

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled...

2.4CVSS5.8AI score0.00556EPSS
Exploits0References3
NVD
NVD
added 2024/07/29 11:15 p.m.22 views

CVE-2024-27862

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled...

5.3CVSS0.00556EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/29 10:16 p.m.29 views

CVE-2024-27862

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled...

0.00556EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/29 10:16 p.m.16 views

CVE-2024-27862

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled...

5.5AI score0.00556EPSS
Exploits0References1
CVE
CVE
added 2024/07/29 10:16 p.m.56 views

CVE-2024-27862

CVE-2024-27862 is a logic issue in macOS Sonoma 14.6 related to Setup/Lockdown Mode flow. The underlying problem is state-management during setup, which can cause FileVault to be disabled unexpectedly when Lockdown Mode is enabled while configuring a Mac. The issue affects macOS Sonoma 14.6 and i...

5.3CVSS6AI score0.00556EPSS
Exploits0References4Affected Software1
Malwarebytes
Malwarebytes
added 2024/07/12 9:15 a.m.13 views

iPhone users in 98 countries warned about spyware by Apple

In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/11 7:51 p.m.20 views

Apple warns people of mercenary attacks via threat notification system

Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say its detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021. Mercenary spyware i...

7.1AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/01/02 12:0 p.m.10 views

What It’s Like to Use Apple’s Lockdown Mode

If you're at high risk of being targeted by mercenary spyware, or just don't mind losing iOS features for extra security, the company's restricted mode is surprisingly usable...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/05 2:58 p.m.44 views

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared wi...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/05 3:42 a.m.68 views

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw

Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said i...

8.8CVSS7.4AI score0.49013EPSS
Exploits6
Krebs on Security
Krebs on Security
added 2023/09/12 10:36 p.m.64 views

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do. On...

6.8CVSS7.7AI score0.99735EPSS
Exploits14
NVD
NVD
added 2023/08/14 9:15 p.m.27 views

CVE-2023-21267

In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.2AI score0.00117EPSS
Exploits0References4
Prion
Prion
added 2023/08/14 9:15 p.m.10 views

Information disclosure

In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

1.7CVSS5.2AI score0.00117EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/14 8:59 p.m.26 views

CVE-2023-21267

In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00117EPSS
Exploits0References4
CVE
CVE
added 2023/08/14 8:59 p.m.169 views

CVE-2023-21267

The CVE-2023-21267 issue affects Android’s KeyguardViewMediator.java in the framework, enabling bypass of lockdown mode via screen pinning due to a logic error. This leads to local information disclosure without extra privileges or user interaction. Exploitation can occur on devices with access t...

5.5CVSS5.1AI score0.00117EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/14 8:59 p.m.16 views

CVE-2023-21267

In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.3AI score0.00117EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2023/04/21 3:0 a.m.27 views

iOS Lockdown Mode effective against NSO zero-click exploit

Apples Lockdown Mode feature alerted a victim to one of the latest NSO exploits, according to a report by Citizen Lab. image courtesy of Citizen Lab This is a huge deal since it shows how useful Lockdown Mode can be, even against exploits developed by one of the worlds most notorious commercial...

6.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/04/20 10:47 a.m.19 views

New Zero-Click Exploits against iOS

Citizen Lab has identified three zero-click exploits against iOS 15 and 16. These were used by NSO Groups Pegasus spyware in 2022, and deployed by Mexico against human rights defenders. These vulnerabilities have all been patched. One interesting bit is that Apples Lockdown Mode part of iOS 16...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 10:11 a.m.37 views

NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-cli...

6.8AI score
Exploits0
Rows per page
Query Builder