Hichem Maloufi

**Name of the Vulnerable Software and Affected Versions** iPadOS versions prior to 17.7.4 iOS versions prior to 18.3 iPadOS versions prior to 18.3 **Description** The issue is related to the handling of symlinks, which could allow an attacker to modify protected system files by restoring a maliciously crafted backup file. This may lead to arbitrary file reads outside the sandbox. While a mitigation was added in iOS 18.3, it does not fully fix the issue. **Recommendations** For iPadOS versions prior to 17.7.4, update to iPadOS 17.7.4 or later. For iOS versions prior to 18.3, update to iOS 18.3 or later. For iPadOS versions prior to 18.3, update to iPadOS 18.3 or later. As a temporary workaround, consider restricting access to backup files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.1 iPadOS versions prior to 18.1 iOS versions prior to 17.7.1 iPadOS versions prior to 17.7.1 visionOS versions prior to 2.1 tvOS versions prior to 18.1 **Description** This issue was addressed with improved handling of symlinks. Restoring a maliciously crafted backup file may lead to modification of protected system files, potentially exposing users to privilege escalation attacks. **Recommendations** For iOS versions prior to 18.1, update to iOS 18.1 or later. For iPadOS versions prior to 18.1, update to iPadOS 18.1 or later. For iOS versions prior to 17.7.1, update to iOS 17.7.1 or later. For iPadOS versions prior to 17.7.1, update to iPadOS 17.7.1 or later. For visionOS versions prior to 2.1, update to visionOS 2.1 or later. For tvOS versions prior to 18.1, update to tvOS 18.1 or later.