The vulnerability of the ARKit interface allows attackers to trigger a service failure on operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS.

The vulnerability of the ARKit interface in operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

About the security content of visionOS 2.3

About the security content of visionOS 2.3 This document describes the security content of visionOS 2.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

About the security content of iPadOS 17.7.4

About the security content of iPadOS 17.7.4 This document describes the security content of iPadOS 17.7.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods 2nd generation and later, AirPods Pro all models, AirPods Max, Powerbeats Pro, and...

Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room

A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to...

Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities

Summary A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to acce...

Pixar OpenUSD binary file format compressed sections code execution vulnerabilities

Summary A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in remote code execution. To trigger this vulnerability, the victim needs to open a...

Pixar OpenUSD binary file format specs memory corruption

Summary An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, t...