FORCEDENTRY

For Forcible entry, see forced entry.
FORCEDENTRY
CVE identifier(s)
  • CVE-2021-30860
  • CVE-2021-30858
Date patchedSeptember 2021[1]
DiscovererBill Marczak from Citizen Lab[1]
Affected software

FORCEDENTRY, also capitalized as ForcedEntry, is a security exploit allegedly developed by NSO Group to deploy their Pegasus spyware.[2][3] It enables the "zero-click" exploit that is prevalent in iOS 13 and below, but also compromises recent safeguards set by Apple's "BlastDoor" in iOS 14 and later. In September 2021, Apple released new versions of its operating systems for multiple device families containing a fix for the vulnerability.[1][4]

  1. ^ a b c "Israeli spyware firm targeted Apple devices via iMessage, researchers say". the Guardian. 2021-09-13. Retrieved 2021-09-13.
  2. ^ Cite error: The named reference bleepingcomputer was invoked but never defined (see the help page).
  3. ^ "Apple patches ForcedEntry vulnerability used by spyware firm NSO". ComputerWeekly.com. Retrieved 2021-09-14.
  4. ^ "Apple products vulnerable to FORCEDENTRY zero-day attack – patch now!". Naked Security. 2021-09-14. Retrieved 2021-09-14.