
WARNING: New actively exploited zero-day vulnerability affecting all Apple products

Reference: Advisory #2023-86
Version: 1.0
Affected software:
Safari < 16.6
iOS < 16.6 and iPadOS < 16.6
iOS < 15.7.8 and iPadOS < 15.7.8
macOS Ventura < 13.5
macOS Monterey < 12.6.8
macOS Big Sur < 11.7.9
tvOS < 16.6
watchOS < 9.6
Type: Modification of sensitive kernel state
CVE/CVSS: CVE-2023-38606

Sources

https://support.apple.com/it-it/HT213841   

Risks

This vulnerability impacts Apple’s whole product spectrum, which is rather exceptional.

Furthermore, the vulnerability is now being actively exploited in attacks that aim to deploy the TriangleDB spyware.

TriangleDB has been observed in use by an unknown Advanced Persistent Threat in a sophisticated mobile cyber espionage campaign (Operation Triangulation). The malware has the capability to take complete control of a victim’s device and data.

Description

CVE-2023-38606: Modification of sensitive kernel state.

An app may exploit a kernel vulnerability to modify sensitive kernel state. No additional information about the vulnerability is available at this time.

Recommended Actions

The Centre for Cyber Security Belgium strongly recommends that users proactively install the new OS versions by manually initiating the update on their devices.
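To find devices that still need the update, the fixed versions from the "Affected software" list can be checked against a device inventory. The script below is an added example, not part of the original advisory; the inventory lines and hostnames are constructed. It assumes a device is patched only when it runs the fixed release of its own major branch or later, and that older branches with no fixed release listed on this page must be reported separately.

```python
# Added example: fixed versions copied from the "Affected software" list above.
FIXED = {
    "ios": ["15.7.8", "16.6"],
    "ipados": ["15.7.8", "16.6"],
    "macos": ["11.7.9", "12.6.8", "13.5"],
    "tvos": ["16.6"],
    "watchos": ["9.6"],
    "safari": ["16.6"],
}

def parse(version):
    """'16.5.1' -> (16, 5, 1); short versions are padded so '13.5' == '13.5.0'."""
    parts = [int(p) for p in version.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def status(product, version):
    """Compare a version with the fixed release of its own major branch."""
    fixes = FIXED.get(product.strip().lower())
    if fixes is None:
        return "unknown-product"          # not covered by this advisory
    v = parse(version)
    branches = {parse(f)[0]: parse(f) for f in fixes}
    if v[0] in branches:
        return "patched" if v >= branches[v[0]] else "vulnerable"
    if v[0] > max(branches):
        return "newer-branch"             # newer than any release listed here
    return "no-fix-listed"                # assumption: old branch, no fix on this page

# Constructed inventory (hostname,product,version); not real devices.
INVENTORY = """\
iphone-ceo,iOS,16.5.1
ipad-lab,iPadOS,15.7.8
mac-build,macOS,12.6.7
mac-dev,macOS,13.5
old-ipod,iOS,12.5.7
watch-7,watchOS,9.5.2
"""

def audit(text):
    """Return (hostname, status) for every inventory line."""
    results = []
    for line in text.splitlines():
        host, product, version = line.split(",")
        results.append((host, status(product, version)))
    return results

if __name__ == "__main__":
    for host, result in audit(INVENTORY):
        print(f"{host:12} {result}")
```

Devices reported as "vulnerable" need the update named for their branch; "no-fix-listed" devices cannot be brought to a fixed release named in this advisory without moving to a listed branch.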

References

https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-used-in-attacks-against-iphones-macs/
https://securityaffairs.com/147717/malware/triangledb-implant-used-operation-triangulation.html
https://thehackernews.com/2023/07/apple-rolls-out-urgent-patches-for-zero.html