Threat Advisories:

Apple fixes the zero-day vulnerabilities exploited by Pegasus spyware named “FORCEDENTRY”

Threat Level – Red | Vulnerability Report

Two actively exploited vulnerabilities (CVE-2021-30858 and CVE-2021-30860) have been fixed in Apple’s iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 releases. The NSO Group carried out the attack by simply sending a malicious text message; the attachments were actually Adobe PSD files that crashed the iMessage component responsible for automatically rendering images and then deployed the Pegasus surveillance tool. Users of Apple’s iPhone, iPad, Mac, and Apple Watch should update their software right away to avoid potential harm from active exploitation of these vulnerabilities.

Vulnerability Details

| CVE ID | Affected CPEs | Vulnerability Name |
| --- | --- | --- |
| CVE-2021-30858 | `cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*` | Arbitrary code execution |
| CVE-2021-30860 | `cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:`<br>`cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*`<br>`cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*` | Integer overflow leading to arbitrary code execution. |

Threat Actor

| Name | Known as | Origin | Target Locations | Target |
| --- | --- | --- | --- | --- |
| NSO group | Pegasus spyware | Israel | Worldwide | Surveillance, Financial gain |

Patch Links

https://support.apple.com/en-us/HT212804

https://support.apple.com/en-us/HT212805

https://support.apple.com/en-us/HT212806

https://support.apple.com/en-us/HT212807
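
To find devices still running a release older than the fixed versions named in this advisory, a device inventory can be checked as in the following added example, which is not part of the original advisory. The inventory format, hostnames and status labels are assumptions for illustration; macOS releases older than Big Sur are marked for manual review because their patch level is tracked as a security update rather than a version number.

```python
# Fixed releases as named in the advisory text.
FIXED = {
    "ios": (14, 8),
    "ipados": (14, 8),
    "watchos": (7, 6, 2),
    "macos": (11, 6),
    "safari": (14, 1, 2),
}

# Constructed sample inventory (hostname,platform,version); not real data.
SAMPLE_INVENTORY = """\
exec-iphone-01,iOS,14.7.1
exec-iphone-02,iOS,14.8
lab-ipad-03,iPadOS,14.8.1
ops-watch-04,watchOS,7.6.1
dev-mac-05,macOS,11.5.2
dev-mac-06,macOS,10.15.7
kiosk-tv-07,tvOS,14.7
"""

def parse_version(text):
    # '14.7.1' -> (14, 7, 1); raises ValueError on empty or non-numeric parts.
    return tuple(int(part) for part in text.strip().split("."))

def classify(platform, version):
    # Returns 'patched', 'vulnerable', 'review' or 'unknown' for one device.
    key = platform.strip().lower()
    fixed = FIXED.get(key)
    if fixed is None:
        return "unknown"   # platform is not named in the advisory
    try:
        have = parse_version(version)
    except ValueError:
        return "review"    # version string could not be parsed
    if key == "macos" and have[0] < fixed[0]:
        return "review"    # pre-Big Sur: fix ships as a security update
    width = max(len(have), len(fixed))   # pad so 14.8 equals 14.8.0
    have, fixed = (v + (0,) * (width - len(v)) for v in (have, fixed))
    return "patched" if have >= fixed else "vulnerable"

def audit(inventory_text):
    # Map hostname -> status for each non-empty 'host,platform,version' line.
    results = {}
    for line in filter(str.strip, inventory_text.splitlines()):
        host, platform, version = (f.strip() for f in line.split(","))
        results[host] = classify(platform, version)
    return results

if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY))
```

Devices reported as `unknown` or `review` are not confirmed safe; they need a check against the vendor's patch notes linked above.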

References

https://thehackernews.com/2021/09/apple-issues-urgent-updates-to-fix-new.html

https://arstechnica.com/information-technology/2021/09/apple-fixes-imessage-zero-day-exploited-by-pegasus-spyware/
