Vulnerability cyber

Apple

Jun 6, 2025 1 min read
Apple

A previously unknown zero-click vulnerability in Apple’s iMessage, dubbed 'NICKNAME,' affected iOS versions up to 18.1.1 and was exploited by sophisticated threat actors targeting high-profile individuals. The vulnerability allowed attackers to compromise iPhones without user interaction, requiring only the target’s phone number or Apple ID. The attack exploited a race condition in the imagent process, leading to memory corruption and potential code execution on targeted devices. The affected individuals included political campaign staff, journalists, tech executives, and government officials in the EU and the US. Apple patched the vulnerability in iOS 18.3.

Source: https://cybersecuritynews.com/imessage-0-click-exploit-iphone-users/

TPRM report: https://scoringcyber.rankiteo.com/company/apple

"id": "app952060625",
"linkid": "apple",
"type": "Vulnerability",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Apple',
                        'type': 'Technology Company'}],
 'attack_vector': 'iMessage contact profile update feature',
 'description': 'A previously unknown zero-click vulnerability in Apple’s '
                "iMessage, dubbed 'NICKNAME', affected iOS versions up to "
                '18.1.1 and was exploited by sophisticated threat actors '
                'targeting high-profile individuals across the United States '
                'and the European Union.',
 'impact': {'data_compromised': ['Political campaign staff',
                                 'Journalists',
                                 'Tech executives',
                                 'Government officials'],
            'systems_affected': ['iPhones']},
 'initial_access_broker': {'entry_point': 'iMessage contact profile update '
                                          'feature',
                           'high_value_targets': ['Political campaign staff',
                                                  'Journalists',
                                                  'Tech executives',
                                                  'Government officials']},
 'lessons_learned': 'Immediate updates to the latest iOS version and enabling '
                    'Lockdown Mode for high-risk individuals',
 'motivation': 'Espionage',
 'post_incident_analysis': {'corrective_actions': 'Use of immutable copies of '
                                                  'dictionaries for nickname '
                                                  'updates',
                            'root_causes': 'Race condition in imagent process'},
 'recommendations': 'Update to the latest iOS version and enable Lockdown Mode '
                    'for additional protection against zero-click attacks',
 'references': [{'source': 'iVerify'}],
 'response': {'containment_measures': ['Patch released in iOS 18.3'],
              'remediation_measures': ['Use of immutable copies of '
                                       'dictionaries for nickname updates'],
              'third_party_assistance': ['iVerify']},
 'title': 'NICKNAME Zero-Click Vulnerability in Apple’s iMessage',
 'type': 'Zero-Click Vulnerability',
 'vulnerability_exploited': 'Race condition in imagent process'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

HPE

public 1 min read
Multiple severe security vulnerabilities in HPE Insight Remote Support (IRS) platform that could allow attackers to execute remote code, traverse…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.