Home > Cyber News > CVE-2021-1844 in iOS, macOS Could Cause Arbitrary Code Execution
CYBER NEWS

CVE-2021-1844 in iOS, macOS Could Cause Arbitrary Code Execution

A new vulnerability affecting iOS, macOS, watchOS, and Safari browser was recently detected by security researchers. Apple has already released a fix for the bug, CVE-2021-1844.

CVE-2021-1844 in iOS, macOS, watchOS

The vulnerability was discovered by two researchers: Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research. The bug is triggered by a memory corruption problem that could cause arbitrary code execution while processing specially crafted web content. The issue was fixed with improved validation, Apple said.




Devices running iOS 14.4, iPadOS 14.4, macOS Big Sur, and watchOS 7.3.1 should apply the update. The same goes to the Safari browser running on macOS Catalina and macOS Mojave.

Other Apple Vulnerabilities Fixed Earlier in 2021

Apple fixed three zero-day vulnerabilities in iOS and iPadOS in January.

CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 could allow threat actors to perform privilege escalation and remote code execution attacks. Apple said the vulnerabilities were likely exploited in the wild, without specifying the attacks’ extent.

Then, in February, the company fixed a big loophole in macOS Big Sur which could lead to data loss. The bug resided in Big Sir 11.2, and was also introduced to the 11.3 version. The bug stemmed from the macOS Big Sur installer not checking whether the machine has the required free space for an upgrade to occur flawlessly. You can read more about the data loss bug in our dedicated article.

Later that month, security researchers uncovered a malvertising campaign coordinated by the ScamClub group which exploited a zero-day in WebKit-based browsers. Scammers were exploiting the critical CVE-2021-1801 vulnerability. According to the official information, the vulnerability was first discovered in Apple macOS up to 11.1 by researcher Eliya Stein of Confiant.

If you are interested in the state of Apple’s privacy and security, you can jump to our article The State of Apple’s Privacy So Far in 2021.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

2 Comments
  1. David

    The lady that lives two houses to the west of me has been obsessed with invading my privacy.
    She has edited herself off my security cameras
    Prevented me from employment for over two years.
    The only jobs I have had was by word of mouth and then I get fired a short time later with little or no explanation
    She has slandered and lied about me all over the neighborhood
    She has accessed my iPhone XR somehow and I’m mentally breaking down.
    I believe she was manipulating my father online and as I am living with him in his home she has gone insane.
    I have asked for assistance I have spoken with my doctor and physiologist and mental health therapists
    But nothing changes.
    How can she manipulate me thru my Apple I phone?

    Reply
    1. Milena Dimitrova (Post author)

      Hi David,
      Sorry to read about your troubles. Do you have any legitimate reasons to believe your iPhone was hacked?

      Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree