Three Major Vulnerabilities in iOS

Languages: English. Risk Level: Medium.
Systems Affected

iPhone 5S and later, iPod touch 6th & 7th gen, iPad Air, iPad mini 2 and later, Apple Watch Series 1 and later


Apple recently released security patches for 3 major vulnerabilities found in iOS. These vulnerabilities were reported to Apple by Google’s Project Zero security team.


According to the Apple security advisory below are 3 major security flaws,
  ✻ CVE-2020-27930: A memory corruption issue in the FontParser library that allows for remote code execution when processing a maliciously crafted font.
  ✻ CVE-2020-27932: A memory initialization issue that allows a malicious application to execute arbitrary code with kernel privileges.
  ✻ CVE-2020-27950: A type-confusion issue that makes it possible for a malicious application to disclose kernel memory.


  ✻ Exposing private information to unauthorized parties
  ✻ Unauthorized access
  ✻ Malware infections

Solution/ Workarounds

  ✻ Update to the latest iOS versions (Fixes are available for the iOS versions iOS 12.4.9 and 14.2, iPadOS 14.2, watchOS 5.3.9, 6.2.9, and 7.1, and as a supplemental update for macOS Catalina 10.15.7)


Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered


The information provided herein is on “as is” basis, without warranty of any kind.