Vulnerability Profile Updated 3 months ago
LatentImage is a software vulnerability discovered by Citizen Lab, identified as the third zero-click exploit used by NSO Group in 2022. This flaw was found on a single target's phone and is believed to be the first new exploit deployed by the NSO Group that year. Similar to two other exploits uncovered by Citizen Lab, namely FINDMYPWN and another variant of LatentImage, it appears to involve the iPhone's Find My feature. However, it constitutes a different exploit chain than FINDMYPWN.

The discovery of LatentImage took place in January 2022, with the exploit being active on iOS 15. The researchers at Citizen Lab found this third zero-click exploit to be distinct from the previous two, although all three were utilized to exploit the same iPhone feature. These findings resulted from an extensive investigation into the activities of NSO Group, an organization known for its development and deployment of sophisticated cyber-espionage tools.

Citizen Lab's investigation further revealed that NSO Group was hired to use these exploit chains, including LatentImage, to deploy Pegasus spyware against human rights groups in Mexico. One of these groups, Centro PRODH, represents families accusing the Mexican military of abuses. This revelation has led to legal action, with Apple suing NSO Group for its use of these vulnerabilities to compromise the security and privacy of iPhone users.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
FINDMYPWN is a zero-click exploit that was used against iOS 15 starting from June 2022. This two-step vulnerability targets the iPhone's Find My feature and iMessage, allowing for unauthorized access and control of the device. It has been observed being deployed as zero-days against iOS versions 15.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
NSO Group
Associated Malware
ID | Type | Votes | Profile Description
Pegasus is a highly sophisticated malware developed by the NSO Group, known for its advanced and invasive capabilities. It is classified as mercenary spyware, often used by governments to target individuals such as journalists, political activists, and others of interest. Pegasus is particularly not
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
The "PWNYOURHOME" vulnerability is a significant flaw in software design or implementation that was used against iPhones running iOS 15 and iOS 16 starting in October 2022. Identified by Citizen Lab, it is one of three zero-click exploits that were used to deploy the Pegasus spyware on target iPhone
Source Document References
Information about the LatentImage vulnerability was read from the documents corpus below.
10 months ago
Zero-Click iPhone Exploit Drops Spyware on Exiled Russian Journalist
a year ago
NSO's Pegasus spyware uses 3 zero-click iOS exploit to hack iPhones
a year ago
PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022
a year ago
NSO Group is Back in Business With 3 New iOS Zero-Click Exploits