Photo credit: www.csoonline.com
Recent statements from Apple indicate considerable concern regarding a specific security vulnerability. This marks a notable departure from the company’s typical terminology, as they usually classify issues simply as “actively exploited” without detailing the complexity or targeting of the attacks involved.
According to Sunil Varkey, an advisor at Beagle Security, the flaw necessitates physical access to the device, yet it poses significant risks. “Sophisticated attackers might blend this vulnerability with other remote exploits,” he explained. “Public charging stations found in airports, shopping malls, or hotels can potentially be altered to take advantage of the devices that connect to them. Furthermore, malicious actors might place compromised chargers, cables, or adapters in public spaces or hand them out as promotional items. A harmful accessory could activate USB data transfer capabilities, allowing it to exploit the vulnerability as soon as it is connected.”
Varkey emphasized that this flaw could grant access to sensitive information by unauthorized individuals, including repair technicians, law enforcement personnel, or anyone who gains brief physical access to a locked device. This access could be achieved without requiring the user’s password, highlighting the pressing need for users to exercise caution in their device handling and charging practices.
Source
www.csoonline.com