A researcher discovered and reported a remote code execution exploit that could allow an attacker to wipe iPhone and iPad devices running all iOS versions up to iOS 15.
Twitter user @RobertCFO posted on Wednesday that he had found a bug that would let an attacker use a high-level, proximity-based Bluetooth LE exploit to remotely wipe iPhones and iPads without any physical access to the devices. He also stated that he will provide a proof of concept at a later date.
POC? RCE up to 15.0.X ~ High level proximity based Bluetooth LE exploit to remote wipe iDevices based on proximity alone! No physical device access.
In short can put a laptop in a backpack and ride a bike in a city wiping iPhones :)
POC date tbd #iOS #iOS15 #iosrce pic.twitter.com/CD7cj9Bna7
— Robert (@RobertCFO) October 13, 2021
Included in the Tweet is a screenshot of an email exchange he had with a member of Apple's Product Security Team. The team member acknowledges the issue and states that it will be resolved in iOS 15.1, which the Apple representative said will roll out the week of Monday, October 25 — the week after Apple's "Unleashed" event.
Apple also asked Robert to keep the email and the details of the exploit confidential until the patches were released to users.
Apple today seeded the fourth developer betas for iOS 15.1 and iPadOS 15.1.
The upcoming release of iOS 15.1 will introduce features that didn't arrive in time for the initial iOS 15 release, such as SharePlay. One major new feature also surfaced, with users able to add verifiable COVID vaccination cards to Wallet.
Source: AppleInsider