iOS
Vulnerability
Threat Guidances
January 28, 2020

iOS 14.3 Vulnerabilities

Lookout Coverage and Recommendation for Admins

With Mobile Vulnerability and Patch Management, Lookout admins can set the default OS Out-of-Date policy to have a minimum compliant iOS version of 14.4. From there, admins can choose whether to simply alert the user that the device is out of compliance or completely block access to corporate resources until iOS is updated.

In addition, Lookout Phishing & Content Protection will help protect mobile users from malicious phishing campaigns built to exploit these vulnerabilities. Lookout PhishingAI constantly monitors the web for new sites built specifically for phishing purposes and implements protection against them in near real-time.

Overview

Apple notified iPhone users of three major vulnerabilities in iOS 14.3 that are actively being exploited in the wild. CVE-2021-1872, which appears to be the most critical, exploits a flaw in the iOS kernel that could allow malicious apps to elevate privileges on the device. The other two CVEs, 2021-1870 and 2021-1871, exploit flaws in Apple’s WebKit engine for Safari and could allow an attacker to execute malicious code remotely. Researchers suspect that attackers combine these vulnerabilities to gain full control of iOS devices remotely.

Lookout Analysis

Considering the nature of these vulnerabilities, an attacker could easily build a malicious app and distribute it via social engineering across social media platforms, SMS messages, third-party chat apps, and even dating or gaming apps. With the same strategy, they could build mobile-specific phishing campaigns that are delivered in a similar fashion and exploit the WebKit vulnerability.

This group of vulnerabilities illustrates the importance of always updating your mobile device’s operating system. Regardless of the device or operating system it runs on, updates are almost always centered around security patches. For the sake of keeping both personal and corporate data secure, a serious vulnerability in the kernel of the device should be patched without hesitation. In the case that your organization embraces BYOD, it’s even more critical that all users update their devices as attackers will leverage personal apps that deliver malicious payloads to out-of-date iPhones.

Authors

Lookout

Endpoint Security
Platform(s) Affected
iOS
Threat Type
Vulnerability
Entry Type
Threat Guidances
Platform(s) Affected
iOS
Vulnerability
Threat Guidances

Related Content

CVE-2025-31200-31201 Update

CISA recently added guidance to CVE-2025-31200, a memory corruption issue, and CVE-2025-31201, an arbitrary read and write issue.

Read Threat Article

CVE-2025-24201 on iOS

CISA recently provided guidance for CVE-2025-24201, an out-of-bounds write issue in WebKit. There has been evidence of active exploitation of this CVE.

Read Threat Article

Vulnerability Affecting Apple devices

CISA recently added guidance to CVE-2025-24085, a use-after-free issue, which affects Apple devices running on visionOS, iOS, iPadOS, macOS, tvOS, and watchOS.

Read Threat Article

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Schedule Demo
HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell