{"id":19883,"date":"2024-01-09T04:00:00","date_gmt":"2024-01-09T01:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=19883"},"modified":"2024-01-09T10:50:19","modified_gmt":"2024-01-09T07:50:19","slug":"kaspersky-t%c9%99r%c9%99find%c9%99n-apple-prosessorlarinda-kritik-z%c9%99iflik-askarlanib","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=19883","title":{"rendered":"\u201cKaspersky\u201d t\u0259r\u0259find\u0259n \u201cApple\u201d prosessorlar\u0131nda kritik z\u0259iflik a\u015fkarlan\u0131b"},"content":{"rendered":"\n

\u201cKaspersky\u201d t\u0259r\u0259find\u0259n \u201cApple\u201d prosessorlar\u0131nda kritik z\u0259iflik a\u015fkarlan\u0131b<\/strong>.<\/p>\n\n\n\n

\u201cKaspersky\u201d-nin T\u0259hdidl\u0259rin T\u0259dqiqi v\u0259 T\u0259hlili \u00fczr\u0259 Qlobal M\u0259rk\u0259zinin m\u00fct\u0259x\u0259ssisl\u0259ri \u201cApple iPhone\u201d smartfonlar\u0131nda \u201cTrianqulyasiya \u018fm\u0259liyyat\u0131\u201d kampaniyas\u0131 \u00fc\u00e7\u00fcn m\u00fch\u00fcm \u0259h\u0259miyy\u0259t k\u0259sb ed\u0259n \u0259vv\u0259ll\u0259r nam\u0259lum olan aparat funksiyas\u0131n\u0131 a\u015fkar edibl\u0259r. S\u00f6hb\u0259t CVE-2023-38606<\/a> \u00e7ip z\u0259ifliyind\u0259n gedir. Onun vasit\u0259sil\u0259 t\u0259cav\u00fczkarlar \u201ciPhone\u201d smartfonlar\u0131n\u0131n 16.6 versiyaya q\u0259d\u0259r olan \u0259m\u0259liyyat sisteminin n\u00fcv\u0259 yadda\u015f\u0131ndak\u0131 qorunan sah\u0259l\u0259rin aparat m\u00fcdafi\u0259sind\u0259n yan ke\u00e7ibl\u0259r. M\u00fct\u0259x\u0259ssisl\u0259r Hamburqda ke\u00e7iril\u0259n \u201cChaos Communication Congress\u201dd\u0259 \u201cTrianqulyasiya \u018fm\u0259liyyat\u0131\u201d haqq\u0131nda yeni t\u0259f\u0259rr\u00fcatlar\u0131 a\u00e7\u0131qlay\u0131blar.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

A\u015fkar edilmi\u015f z\u0259iflik, \u00e7ox g\u00fcman ki, proqram t\u0259minat\u0131nda s\u0131naq v\u0259 ya sazlama \u00fc\u00e7\u00fcn n\u0259z\u0259rd\u0259 tutulmu\u015f istifad\u0259 olunmayan aparat x\u00fcsusiyy\u0259tidir. Qurban qo\u015fmada \u201czero-click\u201d istismar\u0131 il\u0259 gizli \u201ciMessage\u201d ismar\u0131\u015f\u0131 ald\u0131qdan v\u0259 t\u0259cav\u00fczkarlar bu istismardan istifad\u0259 ed\u0259r\u0259k kodu icra ed\u0259 v\u0259 imtiyazlar\u0131 art\u0131ra bildikd\u0259n sonra, bu aparat x\u00fcsusiyy\u0259tind\u0259n \u201cApple\u201d \u00e7ipl\u0259rinin aparat m\u00fcdafi\u0259si vasit\u0259l\u0259rind\u0259n yan ke\u00e7m\u0259k v\u0259 m\u0259zmunu manipulyasiya etm\u0259k \u00fc\u00e7\u00fcn istifad\u0259 edibl\u0259r. Bu add\u0131m cihaz \u00fcz\u0259rind\u0259 tam n\u0259zar\u0259ti \u0259l\u0259 ke\u00e7irm\u0259k \u00fc\u00e7\u00fcn \u00e7ox vacib idi. \u201cApple\u201d indi bu z\u0259ifliyi aradan qald\u0131r\u0131b.<\/p>\n\n\n\n

\u201cKaspersky\u201dy\u0259 m\u0259lum oldu\u011fu q\u0259d\u0259ril\u0259, bu funksiya s\u0259n\u0259dl\u0259\u015fdirilm\u0259yib. O, proqram t\u0259minat\u0131nda istifad\u0259 edilm\u0259yib v\u0259 \u0259n\u0259n\u0259vi \u00fcsullardan istifad\u0259 ed\u0259r\u0259k onu a\u015fkar etm\u0259k v\u0259 t\u0259hlil etm\u0259k \u00e7\u0259tin olub. Bu funksiya istifad\u0259 edilm\u0259diyi \u00fc\u00e7\u00fcn m\u00fct\u0259x\u0259ssisl\u0259r t\u0259cav\u00fczkarlar\u0131n ondan istifad\u0259 qaydalar\u0131 haqq\u0131nda t\u0259xminl\u0259ri nec\u0259 etdiyini bilmirl\u0259r. \u201cKaspersky\u201dnin T\u0259hdidl\u0259rin T\u0259dqiqat v\u0259 T\u0259hlili \u00fczr\u0259 Qlobal M\u0259rk\u0259zinin \u0259ks m\u00fch\u0259ndislikl\u0259 m\u0259\u015f\u011ful olan m\u00fct\u0259x\u0259ssisl\u0259ri aparat v\u0259 proqram t\u0259minat\u0131n\u0131n \u201ciPhone\u201da nec\u0259 inteqrasiya olundu\u011funu diqq\u0259tl\u0259 t\u0259hlil edibl\u0259r. Onlar x\u00fcsusil\u0259 yadda\u015f g\u00f6r\u00fcnt\u00fcl\u00fc giri\u015f-\u00e7\u0131x\u0131\u015f (Memory-mapped I\/O)-\u00fcsuluna – sistemd\u0259ki m\u0259rk\u0259zi prosessor v\u0259 periferik qur\u011fular aras\u0131nda \u0259laq\u0259 yaratmaq \u00fc\u00e7\u00fcn laz\u0131m olan \u00fcnvanlar \u2013 k\u00f6kl\u0259nibl\u0259r. T\u0259cav\u00fczkarlar t\u0259r\u0259find\u0259n yadda\u015f n\u00fcv\u0259sinin aparat m\u00fcdafi\u0259sind\u0259n yan ke\u00e7m\u0259k \u00fc\u00e7\u00fcn istifad\u0259 edil\u0259n nam\u0259lum MMIO \u00fcnvanlar\u0131 cihaz\u0259n k\u00f6k fayl\u0131nda m\u00fc\u0259yy\u0259n edilmi\u015f diapazonlar\u0131n he\u00e7 birind\u0259 a\u015fkar edilm\u0259yib. Bu, ciddi problem\u0259 g\u0259tirb \u00e7\u0131xar\u0131b. Bundan \u0259lav\u0259, komanda sistemin \u00e7ip \u00fcz\u0259rind\u0259 m\u00fcr\u0259kk\u0259b i\u015f sxemini v\u0259 onun iOS \u0259m\u0259liyyat sistemi il\u0259 qar\u015f\u0131l\u0131ql\u0131 \u0259laq\u0259sini, x\u00fcsus\u0259n yadda\u015f\u0131n idar\u0259 edilm\u0259si v\u0259 t\u0259hl\u00fck\u0259sizlik mexanizml\u0259ri hiss\u0259sind\u0259 s\u00f6km\u0259li olub. Bu proses m\u00fcxt\u0259lif cihaz k\u00f6k fayllar\u0131, m\u0259nb\u0259 kodu, n\u00fcv\u0259 formalar\u0131 v\u0259 bu MMIO \u00fcnvanlar\u0131na h\u0259r hans\u0131 istinad \u00fc\u00e7\u00fcn proqram t\u0259minat\u0131n\u0131n diqq\u0259tl\u0259 ara\u015fd\u0131r\u0131lmas\u0131n\u0131 \u0259hat\u0259 edib.<\/p>\n\n\n\n

\u201cBu, s\u0131radan bir z\u0259iflik deyil. iOS ekosisteminin qapal\u0131 t\u0259bi\u0259tin\u0259 g\u00f6r\u0259, onu tapmaq m\u00fcr\u0259kk\u0259b v\u0259 vaxt aparan olub; h\u0259m aparat, h\u0259m d\u0259 proqram t\u0259minat\u0131n\u0131n arxitekturas\u0131n\u0131n h\u0259rt\u0259r\u0259fli ba\u015fa d\u00fc\u015f\u00fclm\u0259si laz\u0131m g\u0259lib. Bu z\u0259iflik s\u00fcbut edir ki, h\u0259tta \u0259n m\u00fcasir aparat m\u00fcdafi\u0259 vasit\u0259l\u0259ri bel\u0259, bu m\u00fcdafi\u0259l\u0259rd\u0259n yan ke\u00e7m\u0259y\u0259 imkan ver\u0259n aparat funksiyalar\u0131 m\u00f6vcud oldu\u011fu m\u00fcdd\u0259tc\u0259 t\u0259cr\u00fcb\u0259li t\u0259cav\u00fczkar qar\u015f\u0131s\u0131nda acizdir\u201d, – dey\u0259 \u201cKaspersky\u201dnin apar\u0131c\u0131 kibert\u0259hdid t\u0259dqiqat\u00e7\u0131s\u0131 Boris Larin qeyd edir.<\/p>\n\n\n\n

\u201cTrianqulyasiya \u018fm\u0259liyyat\u0131\u201d iOS cihazlar\u0131n\u0131 h\u0259d\u0259f alan APT kampaniyas\u0131d\u0131r. \u201cKaspersky\u201d onun haqq\u0131nda 2023-c\u00fc ilin yay\u0131nda m\u0259lumat verib<\/a>. H\u00fccumlarda 16.2 versiyas\u0131na q\u0259d\u0259r iOS cihazlar\u0131 \u00fc\u00e7\u00fcn d\u00f6rd s\u0131f\u0131r g\u00fcn bo\u015flu\u011fundan istifad\u0259 ed\u0259r\u0259k iMessage vasit\u0259sil\u0259 istismarlar\u0131n yay\u0131lmas\u0131n\u0131n m\u00fcr\u0259kk\u0259b \u00fcsulundan istifad\u0259 edilib. Eyni zamanda, istifad\u0259\u00e7il\u0259rd\u0259n he\u00e7 bir f\u0259aliyy\u0259t t\u0259l\u0259b olunmay\u0131b. N\u0259tic\u0259d\u0259 t\u0259cav\u00fczkarlar cihaz v\u0259 istifad\u0259\u00e7i m\u0259lumatlar\u0131 \u00fcz\u0259rind\u0259 tam n\u0259zar\u0259ti \u0259l\u0259 ke\u00e7iribl\u0259r. \u201cKaspersky\u201dnin bildiri\u015find\u0259n sonra \u201cApple\u201d \u015firk\u0259ti r\u0259smi olaraq GReAT t\u0259dqiqat\u00e7\u0131lar\u0131 t\u0259r\u0259find\u0259n a\u015fkar edilmi\u015f d\u00f6rd s\u0131f\u0131r g\u00fcn bo\u015flu\u011funu aradan qald\u0131ran t\u0259hl\u00fck\u0259sizlik yenil\u0259m\u0259l\u0259rini yay\u0131mlay\u0131b (CVE-2023-32434, CVE-2023-32435, CVE-2023-38606, CVE-2023-41990). Onlar iPhone, iPod, iPad, macOS cihazlar\u0131, Apple TV v\u0259 Apple Watch da daxil olmaqla, \u00e7oxlu sayda \u201cApple\u201d m\u0259hsullar\u0131n\u0131 \u0259hat\u0259 edib.<\/p>\n\n\n\n

\u201cTrianqulyasiya \u018fm\u0259liyyat\u0131\u201dnda istifad\u0259 edil\u0259n b\u00fct\u00fcn z\u0259iflikl\u0259rin v\u0259 istismarlar\u0131n \u0259trafl\u0131 t\u0259hlilini burada g\u00f6r\u0259 bil\u0259rsiniz: https:\/\/securelist.ru\/operation-triangulation-the-last-hardware-mystery\/108683\/<\/a>.<\/p>\n\n\n\n

H\u0259d\u0259fli h\u00fccumlardan qorunmaq \u00fc\u00e7\u00fcn \u201cKaspersky\u201d m\u00fct\u0259x\u0259ssisl\u0259ri \u015firk\u0259tl\u0259r\u0259 t\u00f6vsiy\u0259 edir:<\/p>\n\n\n\n