The MobileGestalt exploit targets vulnerabilities in the itunesstored and bookassetd daemons, enabling attackers to alter sensitive files on iOS devices. This vulnerability arises from a maliciously crafted database designed to trick iTunes into executing harmful actions. The process necessitates physically accessing the device to inject the corrupted databases into specific system directories, allowing further manipulation.
Demonstrated on an iPhone 12 running iOS 16.0.1, the exploit showcases the significant risk posed to device integrity, as it allows modification of caches and other important directories. Researcher Kim highlights the necessity for security teams to monitor for signs of this exploit, such as abnormal entries in download logs. As Apple has not yet responded to the vulnerability, it remains critical for users to stay informed about potential patches or updates that could mitigate this issue.
👉 Pročitaj original: Cyber Security News
