// #ios
3 articles
Apple's Retroactive CVE Disclosure Practice Creates Systematic Gaps in Enterprise Patch Management
Apple's habit of retroactively adding CVE details to previously published security advisories creates operational complexity for enterprise vulnerability management programmes: vulnerabilities appear as 'new' in CVE feeds after they have already been patched in deployed OS versions, generating false-positive remediation workflows and obscuring the true patch state of Apple endpoints.
Apple Retroactively Publishes CVE Details for macOS, iOS, and visionOS — Including Root Escalation and Siri Privacy Bypass
Apple updated multiple security pages on 26 May to add CVE identifiers and technical details for vulnerabilities that were patched weeks or months earlier with minimal public disclosure. The retroactively disclosed issues include a CoreServices root escalation via malicious app, a Siri Private Browsing bypass, and a call history fingerprinting flaw — none were disclosed as separate security updates at the time of patching.
DarkSword Apple Exploit Chain Adds Three CVEs to CISA KEV — Federal Deadline April 3
CISA has added three vulnerabilities from the DarkSword iOS/macOS exploit chain to its Known Exploited Vulnerabilities catalogue, mandating federal agencies patch all Apple devices by 3 April. DarkSword is a multi-stage attack framework linking six chained vulnerabilities to achieve full kernel compromise across iOS, iPadOS, macOS, watchOS, and tvOS — with no user interaction required beyond visiting a malicious webpage.