WARNING: New actively exploited zero-day vulnerability affecting all Apple products
Reference:
Advisory #2023-86
Version:
1.0
Affected software:
Safari < 16.6
iOS < 16.6 and iPadOS < 16.6
iOS < 15.7.8 and iPadOS < 15.7.8
macOS Ventura < 13.5
macOS Monterey < 12.6.8
macOS Big Sur < 11.7.9
tvOS < 16.6
watchOS < 9.6
Type:
Modification of sensitive kernel state
CVE/CVSS:
CVE-2023-38606
Date:
25/07/2023
Sources
https://support.apple.com/it-it/HT213841
Risks
This vulnerability impacts Apple’s whole product spectrum, which is rather exceptional.
Furthermore, the vulnerability is now being actively exploited in attacks that aim to deploy the TriangleDB spyware.
TriangleDB has been observed to be in use by an unknown Advanced Persistent Threat in a sophisticated mobile cyber espionage campaign (Operation Triangulation). The malware has the capability to take complete control of a victim’s device and data.
Description
CVE-2023-38606: Modification of sensitive kernel state.
An app may exploit a kernel vulnerability to modify sensitive kernel state. No additional information about the vulnerability is available at this time.
Recommended actions
The Centre for Cyber Security Belgium strongly recommends users proactively install the new OS versions by manually initiating the update on their devices.
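To find devices that still need the update, the affected-software list above can be checked against a device inventory. The following Python is an added example, not part of the advisory and not Apple or CCB code; it assumes each "< X" entry is the fixed release for that major-version branch, and the status labels and inventory rows are constructed for illustration.

```python
import re

# Fixed releases per major branch, copied from the advisory's affected-software list.
# Assumption: each "< X" entry is the fixed build for that major-version branch.
FIXED = {
    "safari": {16: "16.6"},
    "ios": {15: "15.7.8", 16: "16.6"},
    "ipados": {15: "15.7.8", 16: "16.6"},
    "macos": {11: "11.7.9", 12: "12.6.8", 13: "13.5"},
    "tvos": {16: "16.6"},
    "watchos": {9: "9.6"},
}

def parse(version):
    """'16.5.1' -> (16, 5, 1); pads to three fields so that 13.5 == 13.5.0."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def status(product, version):
    branches = FIXED.get(product.strip().lower())
    if branches is None:
        return "unknown-product"
    v = parse(version)
    if v[0] > max(branches):
        return "not-affected"            # newer major than any listed release
    if v[0] not in branches:
        return "affected-no-listed-fix"  # branch without a listed fixed release
    return "not-affected" if v >= parse(branches[v[0]]) else "affected"

INVENTORY = [  # constructed sample rows: (host, product, version)
    ("phone-01", "iOS", "16.5.1"),
    ("phone-02", "iOS", "15.7.8"),
    ("pad-01", "iPadOS", "14.8"),
    ("mac-01", "macOS", "13.5"),
    ("mac-02", "macOS", "12.6.7"),
    ("watch-01", "watchOS", "9.6.1"),
]

def triage(rows):
    return {host: status(product, version) for host, product, version in rows}

if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(f"{host}\t{result}")
```

Devices reported as `affected-no-listed-fix` run a major version for which the advisory lists no fixed release, so they need an upgrade to a listed branch rather than a point update.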
References
https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-used-in-attacks-against-iphones-macs/
https://securityaffairs.com/147717/malware/triangledb-implant-used-operation-triangulation.html
https://thehackernews.com/2023/07/apple-rolls-out-urgent-patches-for-zero.html