The Information Highway

The Information Highway

Font size: +
2 minutes reading time (433 words)

Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks. 

"Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6," the company said in an advisory.

The first zero-day (tracked as CVE-2023-42824) is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads. 

Apple has now also fixed the issue in iOS 16.7.1 and iPadOS 16.7.1 with improved checks, but it has yet to reveal who discovered and reported the flaw.

The second one, a bug identified as CVE-2023-5217, is caused by a heap buffer overflow vulnerability within the VP8 encoding of the open-source libvpx video codec library. This flaw could let threat actors gain arbitrary code execution upon successful exploitation.

Even though Apple did not confirm any instances of exploitation in the wild, Google previously patched the libvpx bug as a zero-day in its Chrome web browser. Microsoft also addressed the same vulnerability in its Edge, Teams, and Skype products.

Google attributed the discovery of CVE-2023-5217 to security researcher Clément Lecigne, a member of Google's Threat Analysis Group (TAG), a team of security experts known for uncovering zero-days exploited in state-backed targeted spyware attacks aimed at high-risk individuals.

The list of devices impacted by the two zero-day bugs is extensive, and it includes:

  • iPhone 8 and later
  • iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

CISA added the two vulnerabilities [1, 2] to its Known Exploited Vulnerabilities Catalog last week, ordering federal agencies to secure their devices against incoming attacks.

Apple also recently addressed three zero-days (CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993) that researchers from Citizen Lab and Google TAG reported. Threat actors exploited them to deploy Cytrox's Predator spyware.

Additionally, Citizen Lab found two other zero-day vulnerabilities (CVE-2023-41061 and CVE-2023-41064) that were fixed by Apple last month.

These flaws were exploited as part of a zero-click exploit chain known as BLASTPASS and used to install NSO Group's Pegasus spyware on fully patched iPhones.

Since the start of the year, Apple patched 18 zero-day vulnerabilities exploited in the wild to target iPhones and Macs, including:

  • two zero-days (CVE-2023-37450 and CVE-2023-38606) in July
  • three zero-days (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439) in June
  • three more zero-days (CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373) in May
  • two zero-days (CVE-2023-28206 and CVE-2023-28205) in April
  • and another WebKit zero-day (CVE-2023-23529) in February
CISA shares vulnerabilities, misconfigs used by ra...
Shadow PC warns of data breach as hacker tries to ...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Saturday, 23 November 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023