{"uuid": "eb919b69-8c13-447b-a29b-ae759d5d4cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-30860", "type": "exploited", "source": "https://t.me/auraxchan/25489", "content": "NSO Group iMessage Zero-Click Exploit Captured in the Wild (Citizen Lab)\n\n-While analyzing the phone of a Saudi activist infected with NSO Group\u2019s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple\u2019s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.\n- We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware. We believe that FORCEDENTRY\u00a0has been in use since at least February 2021.\n- The Citizen Lab disclosed the vulnerability and code to Apple, which has assigned the FORCEDENTRY\u00a0vulnerability CVE-2021-30860 and describes the vulnerability as \u201cprocessing a maliciously crafted PDF may lead to arbitrary code execution.\u201d\n- September 13th, Apple is released an update.\n\n@auraxchan\nhttps://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/", "creation_timestamp": "2021-09-14T10:07:59.000000Z"}