iOS
Vulnerability
Threat Guidances
March 31, 2021

iOS WebKit Vulnerabilities

Lookout Coverage and Recommendation for Admins

With Vulnerability and Patch Management, Lookout admins can set the default OS Out-of-Date policy to have a minimum compliant iOS version of 14.4.2 From there, admins can choose whether to simply alert the user that the device is out of compliance or completely block access to corporate resources until iOS is updated.

In addition, Lookout Phishing & Content Protection will help protect mobile users from malicious phishing campaigns built to exploit these vulnerabilities. Lookout PhishingAI constantly monitors the web for new sites built specifically for phishing purposes and implements protection against them in near real-time.

Overview

Apple released an urgent software update to iOS 14.4.2 to patch a serious vulnerability in Apple’s WebKit browser engine. This vulnerability is actively being exploited in the wild according to Apple. This is not the first urgent security patch that Apple has released for iOS 14, as there were three highly critical vulnerabilities found in iOS 14.3 earlier in 2021. In addition to releasing 14.4.2, Apple also deemed this vulnerability serious enough to release an update for devices that can only run up to iOS 12, such as iPhone 5s, 6, and older iPads.

Lookout Analysis

While Apple hasn’t released many details about the vulnerability, a successful exploit could allow malicious websites to perform arbitrary cross-scripting on the device. This means that an attacker could easily redirect you to a malicious page they built, phish login credentials for personal or corporate accounts, or deliver malware to the device to spy on the user or exfiltrate files from any cloud- based service that user has access to. In addition, the attacker could perform actions on the user’s behalf on malicious sites.

Since this vulnerability exists in WebKit, it could also be used inside iOS apps. This incident exemplifies why attackers have found that delivering phishing links through platforms like social media, third-party messaging apps, gaming, and even dating apps makes it easier to socially engineer mobile users.

Authors

Lookout

Endpoint Security
Platform(s) Affected
iOS
Threat Type
Vulnerability
Entry Type
Threat Guidances
Platform(s) Affected
iOS
Vulnerability
Threat Guidances

Related Content

CVE-2025-31200-31201 Update

CISA recently added guidance to CVE-2025-31200, a memory corruption issue, and CVE-2025-31201, an arbitrary read and write issue.

Read Threat Article

CVE-2025-24201 on iOS

CISA recently provided guidance for CVE-2025-24201, an out-of-bounds write issue in WebKit. There has been evidence of active exploitation of this CVE.

Read Threat Article

Vulnerability Affecting Apple devices

CISA recently added guidance to CVE-2025-24085, a use-after-free issue, which affects Apple devices running on visionOS, iOS, iPadOS, macOS, tvOS, and watchOS.

Read Threat Article

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Schedule Demo
HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell