Cybersecurity Threat Advisory: Three Apple zero-day vulnerabilities
Apple released security updates to address three new zero-day vulnerabilities being exploited in the wild. These vulnerabilities are associated with WebKit and cover different intrusion methods. Barracuda MSP recommends applying the latest security updates from Apple to resolve these vulnerabilities.
What is the threat?
The three new zero-day vulnerabilities for WebKit are logged as CVE-2023-32373, CVE-2023-28204, and CVE-2023-32409. These CVEs are currently pending, but some key details have been released.
- CVE-2023-32373 is a use-after-free (UAF) vulnerability that is exploited when processing malicious web content. Upon successful exploitation, the threat actor can perform arbitrary code execution.
- CVE-2023-28204 is an out-of-bounds read issue within WebKit. If exploited successfully, attackers can reveal sensitive information while processing web content.
- CVE-2023-32409 is a vulnerability that allows the malicious actor to break out of the Web Content sandbox environment.
- The remaining two vulnerabilities were anonymously reported.
Barracuda SOC will share more details on these zero-day vulnerabilities when more information is made available.
Why is it noteworthy?
Apple is a popular brand among consumer devices. The following versions are impacted by the new zero-day vulnerabilities:
- iOS 16.5 and iPadOS 16.5 – iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
- iOS 15.7.6 and iPadOS 15.7.6 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
- macOS Ventura 13.4 – macOS Ventura
- tvOS 16.5 – Apple TV 4K (all models) and Apple TV HD
- watchOS 9.5 – Apple Watch Series 4 and later
- Safari 16.5 – macOS Big Sur and macOS Monterey
It is imperative that these devices are updated to the latest security updates to avoid the threat these vulnerabilities pose to end users.
What is the exposure or risk?
Apple’s recent vulnerabilities can lead to significant exposure and risk for its customers. The three vulnerabilities are associated with the possibility of arbitrary code execution, access to sensitive information, and a wide range of other malicious activities. Since these vulnerabilities were revealed, Apple has responded by improving bounds checks, input validation, and memory management, all of which can be applied to devices through its recent security update.
What are the recommendations?
Barracuda MSP recommends the following actions to keep your Apple devices secured:
- Complete an inventory check of Apple products within your organization and assess the operating systems they are running.
- Apply the latest security update provided by Apple as soon as possible.
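The inventory check can be scripted. The Python below is an added example, not Barracuda or Apple tooling: it compares each device in an exported inventory against the versions listed in this advisory, assuming those are the releases that carry Apple's fixes. The CSV columns, hostnames, and status strings are constructed for illustration.

```python
import csv
import io

# Versions from the advisory's list, keyed by (platform, major); assumed to be the fixed releases.
MIN_OS = {
    ("iOS", 16): "16.5", ("iOS", 15): "15.7.6",
    ("iPadOS", 16): "16.5", ("iPadOS", 15): "15.7.6",
    ("macOS", 13): "13.4", ("tvOS", 16): "16.5", ("watchOS", 9): "9.5",
}
MIN_SAFARI = "16.5"             # Safari update for macOS Big Sur and Monterey
SAFARI_MACOS_MAJORS = {11, 12}  # Big Sur = 11, Monterey = 12

# Constructed sample inventory export (hypothetical hosts and column names).
SAMPLE_INVENTORY = """\
hostname,platform,os_version,safari_version
iphone-sales-01,iOS,16.4.1,
iphone-legacy-02,iOS,15.7.6,
mac-design-01,macOS,13.3.1,
mac-finance-02,macOS,12.6.5,16.4
watch-exec-01,watchOS,8.7,
"""

def parse_version(text):
    """'15.7.6' -> (15, 7, 6); pads to three parts and drops a suffix such as ' (a)'."""
    parts = [int(p) for p in text.split()[0].split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def assess(platform, os_version, safari_version=""):
    """Return 'ok', 'update OS', 'update Safari' or a 'review: ...' reason."""
    version = parse_version(os_version)
    if platform == "macOS" and version[0] in SAFARI_MACOS_MAJORS:
        if not safari_version.strip():
            return "review: Safari version not recorded"
        return "ok" if parse_version(safari_version) >= parse_version(MIN_SAFARI) else "update Safari"
    minimum = MIN_OS.get((platform, version[0]))
    if minimum is None:
        listed = [parse_version(m) for (p, _), m in MIN_OS.items() if p == platform]
        if listed and version > max(listed):
            return "ok"  # assumption: a later major release already includes the fixes
        return "review: release branch not listed in the advisory"
    return "ok" if version >= parse_version(minimum) else "update OS"

def audit(csv_text):
    # Map each hostname in the CSV export to its assessment.
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["hostname"]: assess(r["platform"], r["os_version"], r["safari_version"]) for r in rows}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:18} {status}")
```

Devices reported as "review" are on a release branch the advisory does not list and need a manual decision.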
For more in-depth information about the recommendations, please visit the following links:
If you have any questions, please contact our Security Operations Center.