Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Apple fixed a nasty MitM vulnerability in the latest watchOS

Apple fixed a nasty MitM vulnerability in the latest watchOS

2015/06/12

Softpedia - (International) Security researchers from Zimperium Mobile Security discovered that Apple Watch users running watchOS 1.0 are vulnerable to man-in-the-middle attacks dubbed "DoubleDirect" in which threat actors can leverage Internet Control Message Protocol (ICMP) redirects from the device and gateway to potentially steal credentials and deliver malicious payloads that could spread to devices on an entire corporate network.

Source: http://news.softpedia.com/news/Apple-Fixed-a-Nasty-MitM-Vulnerability-in-the-Latest-watchOS-484117.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:29