Published: June 23, 2023

Overview

Apple has discovered and patched security vulnerabilities (CVE-2023-32434, CVE-2023-32435 and CVE-2023-32439) that affect millions of iPhones, iPads, Macs, and some iPods. These vulnerabilities could allow attackers to take complete control of a device when it processes malicious web content or runs a malicious application. Apple said it is aware of a report that some of these vulnerabilities may have been actively exploited. Users are advised to update their devices to the latest software versions as soon as possible.

Impact

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. An application may be able to execute arbitrary code with kernel privileges (CVE-2023-32434). Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2023-32435 and CVE-2023-32439). Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Experts have reported that these new zero-day vulnerabilities have been exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. The Apple platforms impacted by these vulnerabilities are:

  • iOS – mobile operating system present in iPhone, iPad and iPod
  • iPadOS – operating system for iPads
  • macOS – operating system for Apple desktops and laptops
  • watchOS – operating system based on iOS for Apple Watch

Applicable Versions

| Affected Version                 | Updated Version       |
|----------------------------------|-----------------------|
| iOS prior to 16.5.1              | iOS 16.5.1            |
| iPadOS prior to 16.5.1           | iPadOS 16.5.1         |
| macOS Big Sur prior to 11.7.8    | macOS Big Sur 11.7.8  |
| macOS Monterey prior to 12.6.7   | macOS Monterey 12.6.7 |
| macOS Ventura prior to 13.4.1    | macOS Ventura 13.4.1  |
| watchOS prior to 9.5.2           | watchOS 9.5.2         |

Mitigations and Workarounds

Apply the stable channel updates provided by Apple (mentioned above) immediately to the vulnerable systems.
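
To find which systems still need these updates, a device inventory can be checked against the fixed versions in the Applicable Versions table. The Python script below is an added example, not part of the original advisory or a Netsurion tool; the CSV layout, host names and function names are assumptions, and only the version numbers come from the table.

```python
import csv
import io
import re

# Fixed versions copied from this advisory's "Applicable Versions" table.
SINGLE_BRANCH = {"ios": (16, 5, 1), "ipados": (16, 5, 1), "watchos": (9, 5, 2)}
MACOS_BRANCHES = {11: (11, 7, 8), 12: (12, 6, 7), 13: (13, 4, 1)}

def parse_version(text):
    """Turn '13.4' or '16.5.1 (a)' into a 3-tuple of ints, padding with zeros."""
    match = re.match(r"\s*(\d+(?:\.\d+){0,2})", text)
    if not match:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in match.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def assess(os_name, version_text):
    """Return (status, fixed_version or None) for one device."""
    name = os_name.strip().lower()
    version = parse_version(version_text)
    if name == "macos":
        # Each macOS major release has its own fixed version; majors outside
        # the table (older than Big Sur, newer than Ventura) are not covered.
        fixed = MACOS_BRANCHES.get(version[0])
    else:
        fixed = SINGLE_BRANCH.get(name)
    if fixed is None:
        return ("unlisted", None)
    status = "patched" if version >= fixed else "vulnerable"
    return (status, ".".join(map(str, fixed)))

def audit(inventory_csv):
    """Assess every row of a host,os,version CSV; returns (host, status, fixed)."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["host"], *assess(r["os"], r["version"])) for r in rows]

# Constructed sample inventory (hypothetical hosts), not data from the advisory.
SAMPLE = """host,os,version
ph-001,iOS,16.5
ph-002,iOS,16.5.1
tab-001,iPadOS,16.4.1
mac-001,macOS,13.4
mac-002,macOS,12.6.7
mac-003,macOS,11.7.7
mac-004,macOS,10.15.7
wt-001,watchOS,9.5.2
"""

if __name__ == "__main__":
    for host, status, fixed in audit(SAMPLE):
        print(f"{host:10} {status:11} fixed in: {fixed or 'n/a'}")
```

Devices reported as "unlisted" run a release that the table above does not cover and need to be checked against Apple's own security notes.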

Best Practices

It is recommended to keep Apple operating systems up to date with the latest updates. Users should regularly check for vulnerabilities and bugs in Apple products and apply the fixes as soon as they are available.

Netsurion Detection and Response

Netsurion’s vulnerability management system is being updated to detect these vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) for customers who have subscribed to Netsurion Vulnerability Management.


References:

  1. https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2023-066
  2. https://www.cisa.gov/news-events/alerts/2023/06/22/apple-releases-security-updates-multiple-products
  3. https://support.apple.com/en-us/HT213814
  4. https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html
  5. https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-days-used-to-deploy-triangulation-spyware-via-imessage/