November 8, 2018 Sin comentarios

Acaba de descubrirse otra vulnerabilidad en los dispositivos
Apple,

que funcionan con el sistema operativo XNU, que ha sido clasificada como
de ejecución remota de código (RCE) en el kernel.

XNU es utilizado tanto por iOS como por macOS, therefore
los iPhones, iPad y Macbooks se ven afectados.

Esta vulnerabilidad posibilita a un atacante que esté
conectado a la misma red que su dispositivo enviarle un paquete malicioso, by
ejemplo si está utilizando la red WiFi gratuita en una cafetería. Para desencadenar
la vulnerabilidad, un atacante simplemente necesita enviar un paquete IP
malicioso a la dirección IP del dispositivo de destino. No se requiere la
interacción del usuario.

Para demostrarlo Backhouse
ha publicado una prueba de la vulnerabilidad que hace que se pueda reiniciar cualquier
Mac or iOS device on the same network and without user interaction.

The main problem is that antivirus software does not protect
against this vulnerability since it is in a fundamental part of the network code.
The researcher tested the vulnerability on a Mac with McAfee and the antivirus made no reference.
It does not matter what software is running on the device, the malicious package
will still trigger the vulnerability even if it has no
open ports.

Backhouse reported this vulnerability in September and
Apple fixed it for iOS 12 and macOS
Mojave. Both patches were announced retrospectively on the 30 October.

Since an attacker can control the size and
content of the buffer overflow, it is possible to exploit this
vulnerability to achieve remote code execution on the device. Yes
well Backhouse has not tried to write an exploit capable of doing it, others
could develop code that does it in the near future.

To prevent this vulnerability from being exploited by an
attacker we could enable stealth mode on the macOS firewall since it prevents
the attack from working but that invisible mode does not exist on the devices
ios.

On the other hand, we keep repeating that we should not use
public wifi networks.

We leave you the YouTube link that demonstrates the test performed by Backhouse:

https://www.youtube.com/watch?v=aV7yEemjexk

Leave a Reply

Your email address will not be published. Required fields are marked *

More news
Vimeo sufre una brecha de datos
Read more »
Booking.com suffers a data exfiltration of bookings
Read more »
La franquicia de gimnasios Basic-Fit sufre una exfiltración de datos
Read more »
New wave of scams using AI-cloned voices
Read more »
Una brecha en la Comisión Europea salpica unas treinta instituciones
Read more »