Apple has released patches to address multiple vulnerabilities impacting popular products, including iOS and iPadOS. Two of the vulnerabilities, CVE-2024-23225 and CVE-2024-23296, were reportedly exploited in attacks against iOS and macOS. Apple mentioned in the advisory that it is aware of the exploitation of the vulnerabilities.
Tag: iOS
Apple Releases Patch for Zero-day Vulnerabilities Used in Attack Against iOS and macOS (CVE-2024-23222, CVE-2023-42916, & CVE-2023-42917)
Threat actors are using CVE-2024-23222, CVE-2023-42916, and CVE-2023-42917 vulnerabilities in attacks against iOS and Macs. Apple has addressed the vulnerabilities in products such as Safari, iOS, iPadOS, macOS, watchOS, and tvOS. Along with the zero-day vulnerability, Apple has addressed multiple vulnerabilities affecting its popular products. CISA has added the CVE-2024-23222 to its Known Exploited Vulnerabilities Catalog, … Continue reading “Apple Releases Patch for Zero-day Vulnerabilities Used in Attack Against iOS and macOS (CVE-2024-23222, CVE-2023-42916, & CVE-2023-42917)”
CISA Added Two WebKit Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2023-42916 & CVE-2023-42917)
CISA has also acknowledged the active exploitation of two vulnerabilities in the Apple WebKit browser engine. CISA has added the vulnerabilities to its Known Exploited Vulnerabilities Catalog and requested users to patch it before Dec 25, 2023. Clément Lecigne of Google’s Threat Analysis Group has discovered the CVE-2023-42916 and CVE-2023-42917. Apple, in its advisory, has mentioned … Continue reading “CISA Added Two WebKit Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2023-42916 & CVE-2023-42917)”
Apple Addressed Two Zero-day Vulnerabilities Affecting iOS and iPadOS (CVE-2023-42824 & CVE-2023-5217)
Apple has released an emergency update to fix an actively exploited zero-day vulnerability. CVE-2023-42824 is a critical severity vulnerability affecting iPhones and iPads. A local attacker can exploit the vulnerability that exists in the XNU kernel to gain privileges. Apple has fixed the vulnerability with improved checks. Apple has mentioned in their advisories that they … Continue reading “Apple Addressed Two Zero-day Vulnerabilities Affecting iOS and iPadOS (CVE-2023-42824 & CVE-2023-5217)”
Apple Patched Three Zero-days Affecting iOS, iPadOS, macOS Ventura, Safari (CVE-2023-41991, CVE-2023-41992, & CVE-2023-41993)
Apple has released emergency updates to address three zero-day vulnerabilities in multiple popular products. Tracked as CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993, the vulnerabilities may allow attackers to elevate privileges, perform arbitrary code execution, and bypass signature validation. Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat … Continue reading “Apple Patched Three Zero-days Affecting iOS, iPadOS, macOS Ventura, Safari (CVE-2023-41991, CVE-2023-41992, & CVE-2023-41993)”
Apple Releases Emergency Updates to Address Zero-day Vulnerabilities in macOS Ventura, iOS, and iPadOS (CVE-2023-41064 & CVE-2023-41061)
The Citizen Lab at The University of Torontoʼs Munk School has discovered two critical severity vulnerabilities in Apple macOS Ventura, iOS, and iPadOS. Tracked as CVE-2023-41064 and CVE-2023-41061, the vulnerabilities may allow an attacker to perform arbitrary code execution. Apple is aware of the active exploitation of these vulnerabilities. The Citizen Lab has mentioned in … Continue reading “Apple Releases Emergency Updates to Address Zero-day Vulnerabilities in macOS Ventura, iOS, and iPadOS (CVE-2023-41064 & CVE-2023-41061)”
Apple Patches Zero-day Vulnerability Used in Attacks Against iOS 15.7.1 (CVE-2023-38606)
Apple has released a patch to address a zero-day vulnerability (CVE-2023-38606). The security updates fix the vulnerability in multiple products such as macOS Ventura, Monterey, Big Sur, iOS, and iPadOS. Apple has mentioned in the advisory that they are aware of the active exploitation of the vulnerability in attacks against versions of iOS 15.7.1. Valentin … Continue reading “Apple Patches Zero-day Vulnerability Used in Attacks Against iOS 15.7.1 (CVE-2023-38606)”
Apple Patches Actively Exploited Zero-day Vulnerability in macOS Ventura, iOS and iPadOS (CVE-2023-37450)
Apple has released patches for an actively exploited zero-day vulnerability in macOS Ventura, iOS, and iPadOS. Apple has mentioned in the advisory that they are aware of the issue being exploited. The vulnerability, CVE-2023-37450, was reported by an anonymous researcher. CISA has added the zero-day vulnerability to its Known Exploited Vulnerabilities Catalog and recommended users … Continue reading “Apple Patches Actively Exploited Zero-day Vulnerability in macOS Ventura, iOS and iPadOS (CVE-2023-37450)”
Apple Patches Actively Exploited Zero-day Vulnerabilities in iOS and iPadOS (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439)
Apple has released multiple security advisories to address vulnerabilities in macOS, Safari, iOS, and iPadOS. Apple has mentioned in the advisory that they are aware of a report that the vulnerabilities may have been actively exploited. CVE-2023-32434 and CVE-2023-32435 were discovered by Georgy Kucherin, Leonid Bezvershenko, and Boris Larin of Kaspersky, while CVE-2023-32439 was reported to … Continue reading “Apple Patches Actively Exploited Zero-day Vulnerabilities in iOS and iPadOS (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439)”
Apple Patches Two Actively Exploited Vulnerabilities in macOS Ventura and Safari (CVE-2023-28205 & CVE-2023-28206)
Apple has released patches of two zero-day vulnerabilities in macOS Ventura. Apple has mentioned in the advisory that they are aware of the issues being exploited in the wild. The vulnerabilities are assigned with CVE-2023-28206 and CVE-2023-28205. Both vulnerabilities are discovered by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty … Continue reading “Apple Patches Two Actively Exploited Vulnerabilities in macOS Ventura and Safari (CVE-2023-28205 & CVE-2023-28206)”