The Bitcoin Core developers recently fixed Vulnerability-related.PatchVulnerability a major vulnerability in the Bitcoin ( BTC ) network ’ s ( client ) codebase . Explaining the potentially serious nature of the software bug , which is tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-17144 and classified as a denial-of-service ( DoS ) attack , Casaba Security co-founder Jason Glassberg said Vulnerability-related.DiscoverVulnerability : “ [ It ] can take down the network. ” Glassberg also told Vulnerability-related.DiscoverVulnerability ZDNet the vulnerability in the Bitcoin Core codebase “ would [ have ] affected transactions in the sense that they can not be completed , but does not appear to open up a way to steal or manipulate wallets. ” Denial-of-Service ( DoS ) , 51 % Attacks The Bitcoin Core client software is used by BTC miners to validate transactions on the cryptocurrency ’ s blockchain and the recent vulnerability found Vulnerability-related.DiscoverVulnerability in its source code could have been used to intentionally crash bitcoin ’ s full-node operators . Although not logistically feasible , this particular software bug could have been remotely exploited Vulnerability-related.DiscoverVulnerability by an attacker to launch a 51 % attack in which one entity controls the majority of the hashing ( or computing ) power of a cryptocurrency network . Advisory Notice , Critical Patch Released Vulnerability-related.PatchVulnerability In most cases , a bad actor has orchestrated a 51 % attack in order to manipulate transactions on a cryptocurrency ’ s blockchain for financial gains . At present , it would cost approximately $ 490,000 to launch such an attack ( for 1 hour ) on the Bitcoin network , according to Crypto51 . However , if the recent Bitcoin Core software bug had not been patched Vulnerability-related.PatchVulnerability , a bad actor could have initiated a 51 % attack on the cryptocurrency ’ s network at a considerably lower cost . The Bitcoin Core developers posted Vulnerability-related.DiscoverVulnerability an advisory notice ( on September 19th ) regarding this DoS vulnerability . Users of Bitcoin Core have been instructed to upgrade Vulnerability-related.PatchVulnerability to version 0.16.3 of the software . Previous versions ( 0.14.0 to 0.16.3 ) of the client contain the DoS vulnerability . Bitcoin Knots , one of at least 96 bitcoin forks to date , was considered vulnerable Vulnerability-related.DiscoverVulnerability as well and its client software was patched Vulnerability-related.PatchVulnerability . `` Copycat '' Cryptos Are At Risk Notably , the CVE-2018-17144 vulnerability could have also affected Vulnerability-related.DiscoverVulnerability the litecoin ( LTC ) network but its client has received Vulnerability-related.PatchVulnerability a patch . Commenting on the serious nature of these software bugs , Cornell computer science professor Emin Gün Sirer said Vulnerability-related.DiscoverVulnerability : “ Copycat currencies are at risk ” - meaning that all bitcoin forks are vulnerable Vulnerability-related.DiscoverVulnerability to the attack . The Turkish-American cryptographer , who identified Vulnerability-related.DiscoverVulnerability critical vulnerabilities in Ethereum ’ s codebase before its network was hit with the DAO attack , was referring to all the currently 69 active bitcoin forks that could still be exploited Vulnerability-related.DiscoverVulnerability with a 51 % attack as their clients might still not have received Vulnerability-related.PatchVulnerability a patch and are not as secure as bitcoin network due to their smaller size . In fact , Crypto51 has estimated it would only cost $ 122 to launch a 51 % attack on the Bitcoin Private ( BTCP ) network . However , this estimate has not been confirmed by another source .

It appears popular cryptocurrency Monero , often praised for its privacy functions , was riddled with security vulnerabilities – one of which allowed hackers to steal coins directly from the wallets of exchange desks . Utilizing old-fashioned social engineering , inventive hackers could forge Attack.Phishing transaction data and use it to trick Attack.Phishing support staff into crediting their account manually with extra XMR . By simply copying a line of code from Monero ’ s wallet – which is open-sourced and accessible to everyone – the attackers could manipulate the amounts shown by the wallet when facilitating transactions between addresses . The good thing is that the flaw has since been patched Vulnerability-related.PatchVulnerability ( in Monero at least , it is not entirely clear if this is the case for other Monero-based coins ) . The more concerning part is that it is only one out of six vulnerabilities disclosed Vulnerability-related.DiscoverVulnerability by Monero in the last 24 hours alone , according to information from its HackerOne bug bounty program . Other bugs included a Denial of Service attack vector that could ’ ve been abused to clog the Monero blockchain and a Python script exploit that made it possible to take down active nodes on the network . Just like the wallet flaw , all of these vulnerabilities have already been fixed Vulnerability-related.PatchVulnerability . This is not the first time researchers have found Vulnerability-related.DiscoverVulnerability kinks in the anonymous cryptocurrency ’ s code – but to Monero ’ s credit , its dev team has always made sure to address Vulnerability-related.PatchVulnerability such concerns appropriately . It ’ s no surprise that bug bounties are really becoming an industry standard , considering considering how much damage they can prevent . Recently $ 24,000 was claimed in one week across four different blockchain projects . Apparently , probing EOS is even more profitable : one hacker got paid $ 80,000 in one day for identifying critical bugs in its code . Update August 3 , 09:15 AM UTC : Monero project lead Riccardo Spagni , better known under the pseudonym ‘ fluffypony , ’ has since addressed Vulnerability-related.PatchVulnerability the vulnerability disclosures Vulnerability-related.DiscoverVulnerability in an email to Hard Fork . Spagni highlighted Vulnerability-related.DiscoverVulnerability that although the bugs were made public Vulnerability-related.DiscoverVulnerability yesterday , they were discovered Vulnerability-related.DiscoverVulnerability – separately – over the span of several months . “ The [ wallet ] vulnerability was introduced Vulnerability-related.DiscoverVulnerability by the sub-address functionality , so it ’ s relatively new , ” Spagni told Vulnerability-related.DiscoverVulnerability Hard Fork .

Oracle has released Vulnerability-related.PatchVulnerability a critical patch update addressing Vulnerability-related.PatchVulnerability more than 300 vulnerabilities across several of its products – including one flaw with a CVSS 3.0 score of 10 that could allow the takeover of the company ’ s software package , Oracle GoldenGate . Of the 301 security flaws that were fixed Vulnerability-related.PatchVulnerability in this month ’ s Oracle patch , 45 had a severity rating of 9.8 on the CVSS scale . “ Due to the threat posed by a successful attack , Oracle strongly recommends that customers apply Vulnerability-related.PatchVulnerability Critical Patch Update fixes as soon as possible , ” the company said in its Tuesday advisory . The highest-severity flaw ( CVE-2018-2913 ) lies in Vulnerability-related.DiscoverVulnerability the Monitoring Manager component of Oracle GoldenGate , which is the company ’ s comprehensive software package that allows data to be replicated in heterogeneous data environments . According to the National Vulnerability Database , the glitch is an easily exploitable vulnerability that allows unauthenticated attacker with network access via the TCP protocol to compromise Oracle GoldenGate . The flaw was discovered Vulnerability-related.DiscoverVulnerability by Jacob Baines , a researcher with Tenable . “ CVE-2018-2913 is a stack buffer overflow in GoldenGate Manager , ” Baines told Vulnerability-related.DiscoverVulnerability Threatpost . “ The Manager listens on port 7809 where it accepts GoldenGate Software Command Interface ( GGSCI ) commands . Tenable found that a remote unauthenticated attacker can trigger a stack buffer overflow by sending a GGSCI command that is longer than expected. ” The attack is not complex and a bad actor could be remote and unauthenticated . Making matters worse , an attacker could compromise other products after initially attacking GoldenGate , the advisory warned . “ While the vulnerability is in Oracle GoldenGate , attacks may significantly impact additional products , ” the note said Vulnerability-related.DiscoverVulnerability . “ Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. ” The flaw impacts Vulnerability-related.DiscoverVulnerability versions 12.1.2.1.0 , 12.2.0.2.0 , and 12.3.0.1.0 in Oracle GoldenGate . Currently no working exploits for the flaw have been discovered Vulnerability-related.DiscoverVulnerability in the wild , according to the release . It should be noted that For Linux and Windows platforms , the flaw ’ s CVSS score is 9.0 because the access complexity is lower ( only rated high , not critical ) ; while for all other platforms , the CVSS score is a critical 10 . Two other flaws were also discovered Vulnerability-related.DiscoverVulnerability in Oracle GoldenGate ( CVE-2018-2912 and CVE-2018-2914 ) , with ratings of 7.5 on the CVSS scale ; those vulnerabilities weren ’ t nearly as severe . “ All of these vulnerabilities may be remotely exploitable without authentication , i.e. , may be exploited Vulnerability-related.DiscoverVulnerability over a network without requiring user credentials . ”

A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit Vulnerability-related.DiscoverVulnerability it to gain full root control over a machine . The privilege escalation vulnerability -- now patched Vulnerability-related.PatchVulnerability -- is present in Vulnerability-related.DiscoverVulnerability current versions of Oracle Solaris 10 and 11 running Sun StorageTek Availability Suite ( AVS ) for the filesystem and could be used to access to a low-level user or service account and , from there , gain complete root access to the system . The memory corruption bug has been uncovered and detailed Vulnerability-related.DiscoverVulnerability by researchers at Trustwave -- and its origins go all the way back to 2007 . The original issue was disclosed Vulnerability-related.DiscoverVulnerability in 2009 and apparently fixed Vulnerability-related.PatchVulnerability , but researchers revisited Vulnerability-related.DiscoverVulnerability the code this year only to find Vulnerability-related.DiscoverVulnerability the fix was partial and loopholes still allowed the execution of malicious code . The origins of the exploit , CVE-2018-2892 , lie in Vulnerability-related.DiscoverVulnerability one small fragment of code which contains a number of separate vulnerabilities around the dereferencing pointer , the means of getting values stored in a specific memory location . `` Attackers can exploit Vulnerability-related.DiscoverVulnerability this vulnerability to take access to a low-level user or service account and gain complete root access to the entire system , '' Neil Kettle , application security principal consultant at SpiderLabs at Trustwave , told Vulnerability-related.DiscoverVulnerability ZDNet . An attacker exploiting this vulnerability would need direct access to a user or service account . `` This can be obtained by targeting users with social engineering attacks or by exploiting vulnerabilities in existing services . Once the attacker has access to any account , this vulnerability can be very easily exploited Vulnerability-related.DiscoverVulnerability to gain complete root control over the system , '' said Vulnerability-related.DiscoverVulnerability Kettle . While the original 2007 vulnerability has probably been used in the wild , there 's no confirmation that the new exploit has been used to conduct an attack . Nonetheless , Trustwave disclosed the discovery Vulnerability-related.DiscoverVulnerability to Oracle , which has delivered Vulnerability-related.PatchVulnerability a patch to fix Vulnerability-related.PatchVulnerability the loophole .

The FDA confirmed Vulnerability-related.DiscoverVulnerability that St.Jude Medical 's implantable cardiac devices have vulnerabilities that could allow a hacker to access a device . Once in , they could deplete the battery or administer incorrect pacing or shocks , the FDA said on Monday . The devices , like pacemakers and defibrillators , are used to monitor and control patients ' heart functions and prevent heart attacks . St. Jude has developed Vulnerability-related.PatchVulnerability a software patch to fix Vulnerability-related.PatchVulnerability the vulnerabilities , and it will automatically be applied Vulnerability-related.PatchVulnerability to affected devices beginning Monday . To receive the patch , the Merlin @ home Transmitter must be plugged in and connected to the Merlin.net network . The FDA said patients can continue to use the devices , and no patients were harmed as a result of the vulnerabilities . Abbott Laboratories ( ABT ) , which recently acquired St. Jude in a deal worth $ 25 billion , said it has worked with the FDA and DHS to update and improve the security of the affected devices . `` Cybersecurity , including device security , is an industry-wide challenge and all implanted devices with remote monitoring have Vulnerability-related.DiscoverVulnerability potential vulnerabilities , '' Candace Steele Flippin , a spokeswoman for Abbott , told Vulnerability-related.DiscoverVulnerability CNNMoney in an email . `` As we 've been doing for years , we will continue to actively address cybersecurity risks and potential vulnerabilities and enhance our systems . '' The FDA said hackers could control a device by accessing its transmitter . In August 2016 , Muddy Waters founder Carson Block published a report claiming St. Jude 's devices could be hacked and said he was shorting the stock . St. Jude said the claims were `` absolutely untrue , '' and in September , it filed a lawsuit against the firm . In a statement , Block said Monday 's announcement `` vindicates '' the firm 's research . `` It also reaffirms our belief that had we not gone public , St. Jude would not have remediated the vulnerabilities , '' Block said . `` Regardless , the announced fixes Vulnerability-related.PatchVulnerability do not appear to address Vulnerability-related.PatchVulnerability many of the larger problems , including the existence of a universal code that could allow hackers to control the implants . '' The confirmation of St. Jude 's vulnerabilities is the latest reminder of how internet-connected devices can put health at risk . In December , the FDA published guidance for manufacturers on how to proactively address cybersecurity risks .

Claims Vulnerability-related.DiscoverVulnerability of a backdoor in WhatsApp that could be used for third-party snooping were shot down by WhatsApp , which called the allegations false . On Friday , news outlet The Guardian reported Vulnerability-related.DiscoverVulnerability that a cryptography researcher had discovered Vulnerability-related.DiscoverVulnerability a backdoor in WhatsApp ’ s messaging service that could “ allow Facebook and others to intercept and read encrypted messages ” . In a short statement , WhatsApp said the claim was false : “ WhatsApp does not give governments a ‘ backdoor ’ into its systems and would fight any government request to create a backdoor . The design decision referenced in The Guardian story prevents millions of messages from being lost , and WhatsApp offers people security notifications to alert them to potential security risks . WhatsApp published a technical white paper on its encryption design , and has been transparent about the government requests it receives , publishing data about those requests in the Facebook Government Requests Report ” . The Guardian report Vulnerability-related.DiscoverVulnerability cited research Vulnerability-related.DiscoverVulnerability by Tobias Boelter , a cryptography and security researcher at the University of California , Berkeley . Last April , Boelter disclosed Vulnerability-related.DiscoverVulnerability his findings to WhatsApp and published a report Vulnerability-related.DiscoverVulnerability on what he posited could be either a backdoor or a flaw in WhatsApp ’ s messaging platform . Boelter later told Vulnerability-related.DiscoverVulnerability The Guardian the “ backdoor ” gave WhatsApp the ability to read messages because of the way the company had implemented its end-to-end encryption protocol . Reporters quoted Kirstie Ball , co-director and founder of the Centre for Research into Information , Surveillance and Privacy who verified Boelter ’ s research and stated the “ backdoor ” made WhatsApp an “ an extremely insecure platform ” . The Guardian explains Boelter ’ s alleged backdoor like this : WhatsApp ’ s end-to-end encryption relies on the generation of unique security keys , using the acclaimed Signal protocol , developed by Open Whisper Systems , that are traded and verified between users to guarantee communications are secure and can not be intercepted by a middleman . However , WhatsApp has the ability to force the generation of new encryption keys for offline users , unbeknown to the sender and recipient of the messages , and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered . The recipient is not made aware of this change in encryption , while the sender is only notified if they have opted-in to encryption warnings in settings , and only after the messages have been re-sent . This re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users ’ messages . WhatsApp , acquired by Facebook in 2014 , supports end-to-end encryption and is considered a secure messaging platform based on the highly regarded Signal protocol , developed by Open Whisper Systems . The app boasts one billion users and has been endorsed by the likes of Edward Snowden for keeping private messages private . Claims Vulnerability-related.DiscoverVulnerability of a WhatsApp backdoor have been staunchly dismissed Vulnerability-related.DiscoverVulnerability by a number security researchers and cryptography experts . Moxie Marlinspike , the founder of Open Whisper Systems also agrees with WhatsApp telling Threatpost , “ The Guardian reporting is inaccurate , there is no ‘ backdoor ’ in WhatsApp encryption . Unfortunately it appears that they did not speak with any cryptography experts in order to verify their claims ” . Marlinspike also posted a more technical explanation behind what Boelter found . In a nutshell , he explains what Boelter says Vulnerability-related.DiscoverVulnerability is a backdoor is actually something all public key cryptography system have to deal with . “ WhatsApp gives users the option to be notified when those changes occur , ” he wrote . Frederic Jacobs , a key developer of the private messaging app Signal , called the claims of a backdoor “ ridiculous ” . In a tweet he said “ It ’ s ridiculous that this is presented as a backdoor . If you don ’ t verify keys , authenticity of keys is not guaranteed . It 's ridiculous that this is presented as a backdoor . If you do n't verify keys , authenticity of keys is not guaranteed . — Frederic Jacobs ( @ FredericJacobs ) January 13 , 2017 Jacobs and other security researchers explain Vulnerability-related.DiscoverVulnerability the “ backdoor ” is a feature designed to allow WhatsApp users who obtain a new phone to reinstall the WhatsApp app and continue a preexisting conversation thread . There is a renegotiation of encryption keys allows for the continuity of WhatsApp conversations . The WhatsApp sender is only notified of the change in encryption if they have opted-in to an encryption warning setting within settings . Marlinspike and other security experts say snooping on WhatsApp ’ s re-encrypting of messages by Facebook or any other agency would be extremely difficult and improbable . In post to his personal site Friday he doubled-down on his assertion that what he found Vulnerability-related.DiscoverVulnerability was a flaw . “ WhatsApp has stated recently that this is not a bug , it is a feature . Because now senders don ’ t have to press an extra ‘ OK ’ button in the rare case they sent a message , the receiver is offline and has a new phone when coming back online , ” he said . I agree that it ’ s a flaw , but calling it a backdoor is hyperbole . Remember , Moxie removed SMS encryption from his previous app TextSecure because of the same reasons that the current flaw exists : it is difficult to have secure conversations with people wtih changing phones , changing apps , etc .

Details on serious vulnerabilities in a number of routers freely distributed by a major Thai ISP were published on Vulnerability-related.DiscoverVulnerability Monday after private disclosures Vulnerability-related.DiscoverVulnerability made to the vendors in July went unanswered . Researcher Pedro Ribeiro of Agile Information Security found Vulnerability-related.DiscoverVulnerability accessible admin accounts and command injection vulnerabilities in ZyXel and Billion routers distributed by TrueOnline , Thailand ’ s largest broadband company . Ribeiro said Vulnerability-related.DiscoverVulnerability he disclosed Vulnerability-related.DiscoverVulnerability the vulnerabilities through Beyond Security ’ s SecuriTeam Secure Disclosure Program , which contacted the affected vendors last July . Ribeiro published Vulnerability-related.DiscoverVulnerability a proof of concept exploit yesterday as well . Ribeiro told Vulnerability-related.DiscoverVulnerability Threatpost he ’ s unsure whether TrueOnline introduced Vulnerability-related.DiscoverVulnerability the vulnerabilities as it adds its own customization to the routers , or whether they came from the respective manufacturers . A ZyXel representative told Threatpost the router models are no longer supported and would not comment on whether patches were being developed Vulnerability-related.PatchVulnerability . A request for comment from Billion was not returned in time for publication . The commonality between the routers appears to be that they ’ re all based on the TC3162U system-on-a-chip manufactured by TrendChip . Affected routers are the ZyXel P660HN-T v1 and P660HN-T v2 , and Billion 5200 W-T , currently in distribution to TrueOnline customers . The TC3162U chips run two different firmware variants , one called “ ras ” which includes the Allegro RomPage webserver vulnerable to the Misfortne Cookie attacks , and the other called tclinux . The tclinux variant contains the vulnerabilities found Vulnerability-related.DiscoverVulnerability by Ribeiro , in particular several ASP files , he said Vulnerability-related.DiscoverVulnerability , are vulnerable Vulnerability-related.DiscoverVulnerability to command injection attacks . He also cautions that they could be also vulnerable to Misfortune Cookie , but he did not investigate this possibility . “ It should be noted that tclinux contains files and configuration settings in other languages ( for example in Turkish ) . Therefore it is likely that these firmware versions are not specific to TrueOnline , and other ISP customised routers in other countries might also be vulnerable , ” Ribeiro said in his advisory . “ It is also possible that other brands and router models that use the tclinux variant are also affected Vulnerability-related.DiscoverVulnerability by the command injection vulnerabilities ( the default accounts are likely to be TrueOnline specific ) ” . In addition to Ribeiro ’ s proof-of-concept , Metasploit modules are available Vulnerability-related.DiscoverVulnerability for three of the vulnerabilities . Most of the vulnerabilities can be exploited Vulnerability-related.DiscoverVulnerability remotely , some without authentication . “ These vulnerabilities are present in the web interface . The default credentials are part of the firmware deployed by TrueOnline and they are authorized to perform remote access over the WAN , ” Ribeiro said . “ Due to time and lab constraints I was unable to test whether these routers expose the web interface over the WAN , but given the credentials , it is likely ” . The ZyXel P660HN-T v1 router is vulnerable Vulnerability-related.DiscoverVulnerability to an unauthenticated command injection attack that can be exploited remotely . Ribeiro said Vulnerability-related.DiscoverVulnerability he found Vulnerability-related.DiscoverVulnerability the vulnerability in the remote system log forwarding function , specifically in the ViewLog.asp page . V2 of the same router contains Vulnerability-related.DiscoverVulnerability the same vulnerability , but can not be exploited Vulnerability-related.DiscoverVulnerability without authentication , he said . “ Unlike in the P660HN-Tv1 , the injection is authenticated and in the logSet.asp page . However , this router contains a hardcoded supervisor password that can be used to exploit this vulnerability , ” Ribeiro said . “ The injection is in the logSet.asp page that sets up remote forwarding of syslog logs , and the parameter vulnerable to injection is the serverIP parameter ” . The Billion 5200W-T is also vulnerable Vulnerability-related.DiscoverVulnerability to unauthenticated and authenticated command injection attacks ; the vulnerability was found Vulnerability-related.DiscoverVulnerability in its adv_remotelog.asp page . “ The Billion 5200W-T router also has several other command injections in its interface , depending on the firmware version , such as an authenticated command injection in tools_time.asp ( uiViewSNTPServer parameter ) , ” Ribeiro said . It should be noted that this router contains several hardcoded administrative accounts that can be used to exploit this vulnerability ” . Ribeiro said default and weak admin credentials were found on the all of the versions and were accessible remotely . The researcher said it ’ s unknown whether the routers can be patched remotely . “ Again , given the existence of default credentials that have remote access , it is likely that it is possible to update the firmware remotely , ” Ribeiro said . Most of iBall baton routers in India are also vulnerable Vulnerability-related.DiscoverVulnerability to unauthenticated and authenticated command injection attack , i have reason to believe default and weak admin credentials are on the all of the versions and were accessible remotely . i Have I “ Ball WRA150N ” ADSL2+ iBall baton Router.And IBall is never accepting not even taking response to complains and request for latest firmware patches . ASUS patched Vulnerability-related.PatchVulnerability a bug that allowed attackers to pair two vulnerabilities to gain direct router access and execute commands as root . Thanks to Meltdown and Spectre , January has already been an extremely busy month of patching Vulnerability-related.PatchVulnerability for Microsoft .

Apple is reportedly aware Vulnerability-related.DiscoverVulnerability of and is in the middle of fixing Vulnerability-related.PatchVulnerability a pair of vulnerabilities that exist in iTunes and the App Store . If exploited Vulnerability-related.DiscoverVulnerability , researchers claim Vulnerability-related.DiscoverVulnerability an attacker could inject malicious script into the application side of the vulnerable module or function . Vulnerability Lab ’ s Benjamin Kunz Mejri disclosed Vulnerability-related.DiscoverVulnerability the vulnerabilities on Monday , explaining Vulnerability-related.DiscoverVulnerability the issues can be jointly exploited Vulnerability-related.DiscoverVulnerability via iTunes and the App Store ’ s iOS “ Notify ” function . Apple implemented the function in September , in the weeks leading up to the release of the game Super Mario Run . The function takes information from the device , such iCloud credentials or devicename values , to alert users when a soon-to-launch application debuts . Mejri , the firm ’ s founder , claims Vulnerability-related.DiscoverVulnerability the Notify functionality can be exploited Vulnerability-related.DiscoverVulnerability via a persistent input validation vulnerability and mail encoding web vulnerability . An attacker could substitute the name variable–the vulnerable firstname parameter–with a script launching a payload . Mejri said the issue stems from how Apple sends notifications from its @ new-itunes.com web server ; which doesn ’ t properly validate the iCloud name or devicename parameter . Instead of displaying introductory text , it can be rigged to execute malicious payloads . “ The vulnerability can be exploited Vulnerability-related.DiscoverVulnerability on restricted accessible iOS devices to the main account holder inbox , ” Mejri wrote in his disclosure Vulnerability-related.DiscoverVulnerability Monday , “ The issue could be used as well to continue to calendar spam activities ” . Mejri told Vulnerability-related.DiscoverVulnerability Threatpost Tuesday that while the issue isn ’ t highly exploitable , it “ definitely has a nice impact ” . Exploiting the persistent input validation flaw would be easier , because it only requires an Apple account and “ low or medium user interaction , ” according to the researcher . Ultimately , if stitched together , he warns Vulnerability-related.DiscoverVulnerability , the bugs could result in session hijacking , persistent phishing attacks , and persistent redirect to external sources . Mejri said Vulnerability-related.DiscoverVulnerability he contacted Vulnerability-related.DiscoverVulnerability Apple ’ s Product Security Team about the issues on Dec. 15 and acknowledged Vulnerability-related.DiscoverVulnerability that the vulnerability should be able to be resolved on the server-side without performing any required end-user interaction or updates . He said a temporary patch has been implemented Vulnerability-related.PatchVulnerability and believes a full fix is expected Vulnerability-related.PatchVulnerability later this month . It ’ s unclear exactly when this month Apple will push that fix Vulnerability-related.PatchVulnerability , however ; it last updated iTunes in December , fixing Vulnerability-related.PatchVulnerability 23 WebKit vulnerabilities in the software . Apple did not return multiple requests for comment regarding Vulnerability-related.DiscoverVulnerability the vulnerabilities on Monday and Tuesday . A month after first communicating the issues to Apple , Vulnerability Lab elected to publish a proof of concept around the issues to see if they had any legs . “ We decided to release the information until somebody uses the issue to exploit via iTunes , ” Kunz Mejri told Threatpost Tuesday . The vulnerability is similar to one disclosed Vulnerability-related.DiscoverVulnerability by Vulnerability Lab and patched Vulnerability-related.PatchVulnerability by Apple in iTunes and the App Store a year and a half ago . Before it was fixed Vulnerability-related.PatchVulnerability , like this week ’ s issue , an attacker could have remotely injected script into invoices , something that could have lead to hijacking , phishing , and redirect .