SynopsisThe version of iOS running on the mobile device is affected by an information disclosure vulnerability.
DescriptionThe version of iOS running on the mobile device is prior to 10.0.1. It is, therefore, affected by an information disclosure vulnerability in the kernel due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to run a specially crafted application, to disclose sensitive information from kernel memory.
This vulnerability is one of three zero day vulnerabilities disclosed on 2016/08/25 and is known to be used by the NSO Group's spyware product Pegasus.
SolutionUpgrade to Apple iOS version 10.0.1 or later.