Apple fixes Exploited-in-the-Wild macOS Big Sur Privileged Arbitrary Code Execution Zero-Day Vulnerability

July 27, 2021

Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution. 

The vulnerability affects macOS Big Sur, iOS and iPadOS. (See Affected Products for affected versions) 

Apple did not publish details regarding the attacks or attackers that have exploited this vulnerability. 

The Vulnerability

An application may be able to execute arbitrary code with kernel privileges due to a memory corruption issue in the IOMobileFrameBugger component. 

Affected Products

  • macOS Big Sur prior to 11.5.1 
  • iOS prior to 14.7.1
  • iPadOS prior to 14.7.1 

Mitigation

For full mitigation, CYREBRO recommends implementation of the macOS Big Sur 11.5.1 update which fixes this issue. 

References: Apple Security Advisory 

Sign Up for Updates