“ would need to get their app installed on the mobile device that is accessing the corporate data,” Watkins said. The post explained that exploiting the vulnerability requires a malicious app to be installed on a vulnerable device. This could lead to a compromise of corporate email and corporate documents, as well as back-end services, such as patient data servers, Watkins said.
Ultimately, an attacker “with access to an MDM managed device can read all managed configuration settings for an unpatched device,” the post said.īased on the types of apps that are open to the vulnerability, successful exploitation of the bug could result in the exposure of corporate credentials and servers to access, Kevin Watkins, chief data scientist with Appthority, told in a Thursday email correspondence. Referred to as Quicksand, the sandbox violation vulnerability impacts all mobile device management (MDM) clients and any mobile apps distributed via an MDM that use the “Managed App Configuration” setting, a Wednesday post explained.
Researchers with mobile security firm Appthority have identified a critical vulnerability in Apple's iOS mobile operating system.
0 kommentar(er)
