Home ยป Unveiling iPhone’s Impenetrable Deficiency – NSO Group’s Ingenious Hacker Triumph Without User Interaction

Unveiling iPhone’s Impenetrable Deficiency – NSO Group’s Ingenious Hacker Triumph Without User Interaction

Citizen Lab has recently released a report discussing two vulnerabilities, namely CVE-2023-41064 and CVE-2023-41061, collectively referred to as BLASTPASS. These vulnerabilities have the capability to infiltrate iPhones through text messages sent via iMessage, without the need for the victim to interact with anything. Citizen Lab has pointed out that this vulnerability is being exploited by NSO Group to deliver malware.

The exploit methods employed by NSO Group have been notoriously sophisticated and likely require significant development resources. At this time, specific details about the vulnerabilities have not been disclosed by Citizen Lab or Apple. However, it has been revealed that the initial vulnerability lies within the ImageIO image processing framework, after which the exploit proceeds to execute code within the Wallet.

Apple has swiftly addressed all identified vulnerabilities with the release of iOS 16.6.1 and iPadOS 16.6.1.

TLDR: Citizen Lab has exposed two vulnerabilities, called BLASTPASS, which allow for the compromise of iPhones through iMessage. Exploited by NSO Group, these vulnerabilities have been patched by Apple in their latest iOS and iPadOS releases.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Apple Enters Negotiations with Meta, Anthropic, and Perplexity to Enhance AI Services through Apple Intelligence Integration

Upcoming Innovations Await: All iPad Models Set for Refresh in the Coming Year; This Year’s Release Temporarily Deferred

Epic Games labels Apple’s Find My as Dubious Technology