Published: September 26, 2023

Overview

Apple has discovered and patched several security vulnerabilities that affect millions of iPhones, iPads, Macs, Apple Watches, and Safari. These vulnerabilities (CVE-2023-41991, CVSS score 5.5; CVE-2023-41992, CVSS score 7.8; and CVE-2023-41993, CVSS score 9.8) could allow attackers to bypass signature validation, escalate privileges, and execute arbitrary code. Apple said it is aware of a report that some of these vulnerabilities may have been actively exploited. Users are advised to update their devices to the latest software versions as soon as possible.

Impact

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution.

  • CVE-2023-41991: A malicious app may be able to bypass signature validation. This means that an attacker could potentially trick a device into running unauthorized code or software. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
  • CVE-2023-41992: A local attacker may be able to elevate their privileges. This means that an attacker with access to the device could potentially gain increased control over the device, beyond what is normally allowed for their user level.
  • CVE-2023-41993: Processing web content may lead to arbitrary code execution. This means that simply visiting a malicious website or opening malicious web content could potentially allow an attacker to execute arbitrary code on the device. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

The Apple platforms which have been impacted by these vulnerabilities are:

  • iOS – mobile operating system present in iPhone, iPad and iPod
  • iPadOS – operating system for iPads
  • macOS – operating system for Apple desktops and laptops
  • watchOS – operating system based on iOS for Apple Watch
  • Safari browser on Apple devices

Applicable Versions

| Affected Version | Updated Version |
|---|---|
| iOS prior to 16.7 | iOS 16.7 |
| iPadOS prior to 16.7 | iPadOS 16.7 |
| iOS prior to 17.0.1 | iOS 17.0.1 |
| iPadOS prior to 17.0.1 | iPadOS 17.0.1 |
| macOS Monterey prior to 12.7 | macOS Monterey 12.7 |
| macOS Ventura prior to 13.6 | macOS Ventura 13.6 |
| watchOS prior to 9.6.3 | watchOS 9.6.3 |
| watchOS prior to 10.0.1 | watchOS 10.0.1 |
| Safari prior to 16.6.1 | Safari 16.6.1 |

Mitigations and Workarounds

It is advised that users apply the updates provided by Apple (mentioned above) immediately to any vulnerable systems.
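
Because fixes were released on two branches per platform, a single "minimum version" comparison misclassifies devices: iOS 16.7 is patched even though it is lower than 17.0.1, and iOS 17.0 is vulnerable even though it is higher than 16.7. The following added example (not Netsurion's or Apple's code) checks an inventory against the versions listed in this advisory, one branch at a time; the inventory records and all function names are constructed for illustration.

```python
# Added example: branch-aware patch check against this advisory's version list.
# First fixed release per (product, major branch), taken from the advisory.
FIXED = {
    ("iOS", 16): (16, 7), ("iOS", 17): (17, 0, 1),
    ("iPadOS", 16): (16, 7), ("iPadOS", 17): (17, 0, 1),
    ("macOS", 12): (12, 7), ("macOS", 13): (13, 6),
    ("watchOS", 9): (9, 6, 3), ("watchOS", 10): (10, 0, 1),
    ("Safari", 16): (16, 6, 1),
}

# Constructed sample inventory: (host, product, reported version).
INVENTORY = [
    ("phone-01", "iOS", "16.6.1"),
    ("phone-02", "iOS", "16.7"),
    ("phone-03", "iOS", "17.0"),
    ("mac-01", "macOS", "13.6"),
    ("mac-02", "macOS", "12.6.9"),
    ("watch-01", "watchOS", "9.6.3"),
    ("mac-03", "macOS", "11.7.10"),
]

def parse_version(text):
    """Turn '16.6.1' into (16, 6, 1); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in text.strip().split("."))

def pad(version, length=3):
    """Pad with zeros so that (16, 7) and (16, 7, 0) compare as equal."""
    return version + (0,) * (length - len(version))

def patch_status(product, version_text):
    """Return 'patched', 'vulnerable' or 'unlisted' for one device record."""
    version = parse_version(version_text)
    fixed = FIXED.get((product, version[0]))
    if fixed is None:
        # Branch is not in the advisory's list: flag for manual review, do not guess.
        return "unlisted"
    return "patched" if pad(version) >= pad(fixed) else "vulnerable"

def vulnerable_hosts(inventory):
    """Hosts whose reported version is below the fix for their own branch."""
    return [host for host, product, version in inventory
            if patch_status(product, version) == "vulnerable"]

if __name__ == "__main__":
    for host, product, version in INVENTORY:
        print(host, product, version, patch_status(product, version))
```

Devices reported as "unlisted" run a branch the advisory does not name and need to be checked against Apple's own security release notes.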

Best Practices

It is a good practice to update Apple operating systems with the latest updates. Users should regularly check for vulnerabilities and bugs in Apple products and apply the fixes as soon as they are available.

Netsurion Detection and Response

Netsurion’s vulnerability management system is being updated to detect these vulnerabilities (CVE-2023-41991, CVE-2023-41992, CVE-2023-41993) for customers who have subscribed to Netsurion Vulnerability Management.
