Apple patches another iOS zero-day under attack (CVE-2023-42824)

Apple has issued a security update for both iOS and iPadOS, addressing yet another zero-day vulnerability (CVE-2023-42824) that had been actively exploited in the wild.

About CVE-2023-42824

CVE-2023-42824 is classified as a kernel vulnerability with the potential to enable a local threat actor to escalate their privileges on impacted iPhones and iPads. Apple has acknowledged reports of potential active exploitation of this issue on iOS versions preceding the version 16.6. The affected devices include:

  • iPhone XS and later
  • iPad Pro 12.9-inch 2nd generation and later
  • Pad Pro 10.5-inch
  • iPad Pro 11-inch 1st generation and later
  • iPad Air 3rd generation and later
  • iPad 6th generation and later
  • iPad mini 5th generation and later

To rectify this vulnerability, the company has taken measures to release iOS 17.0.3 and iPadOS 17.0.3 updates. These updates not only address CVE-2023-42824 but also tackle CVE-2023-5217, which pertains to a buffer overflow vulnerability found in the vp8 encoding within the libvpx video codec library, posing a risk of arbitrary code execution. Apple has resolved the buffer overflow concern by upgrading to libvpx version 1.13.1.

A glut of exploited zero-days

In the past month, Apple has been diligent in addressing actively exploited zero-day vulnerabilities. Notably, CVE-2023-41064 and CVE-2023-41061 were discovered and successfully chained together to deploy NSO Group’s Pegasus spyware on iPhones belonging to high-risk individuals. Citizen Lab reported these vulnerabilities, and Apple promptly resolved them in both the iOS 16 and iOS 15 versions.

In late September, Citizen Lab, in collaboration with Google TAG, brought to light three additional zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) affecting iOS devices. These zero-days were exploited in a chain to deliver Intellexa’s Predator malware to targeted iOS devices. Apple has taken swift action by addressing these issues in iOS 17 and has also introduced enhancements to Lockdown Mode, a security feature that provides added protection for high-risk users.

Megafea Editors