Apple has taken measures to address two zero-day vulnerabilities detected in iOS, which were actively exploited in the wild. The tech giant promptly issued emergency security updates to patch the vulnerabilities.
CVE-2024-23225 and CVE-2024-23296
Acknowledging the severity of the situation, Apple issued an advisory on Tuesday, confirming its awareness of the reported exploits. The vulnerabilities, identified as CVE-2024-23225 in the iOS Kernel and CVE-2024-23296 in RTKit, granted attackers arbitrary kernel read and write capabilities, allowing them to bypass crucial kernel memory protections.
To counter these vulnerabilities, Apple rolled out security patches for devices running iOS 17.4, iPadOS 17.4, iOS 16.7.6, and iPadOS 16.7.6. These updates include improved input validation mechanisms, aimed at strengthening device security against potential threats.
The scope of impacted Apple devices is extensive, covering various iPhone and iPad models, including iPhone XS and later, iPhone 8, iPhone 8 Plus, iPhone X, and several generations of iPads.
Despite Apple’s reticence on the origins of the zero-day disclosures, it’s worth noting that iOS zero-day vulnerabilities are frequently exploited in state-sponsored espionage campaigns. Such campaigns usually target individuals deemed high-risk, including journalists, opposition figures, and activists.
While there’s no indication from Apple of ongoing exploitation in the wild, installing the security updates as soon as possible is a must. Timely action is crucial in blocking potential attack attempts and protecting user privacy against malicious intruders.
It is also noteworthy that this latest security incident involving CVE-2024-23225 and CVE-2024-23296 marks the third instance of Apple addressing zero-day vulnerabilities in 2024. Reflecting on the previous year, Apple patched a total of 20 zero-day exploits:
- CVE-2023-42916 and CVE-2023-42917 in November
- CVE-2023-42824 and CVE-2023-5217 in October
- CVE-2023-41061, CVE-2023-41064, CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993 in September
- CVE-2023-37450 and CVE-2023-38606 in July
- CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439 in June
- CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 in May
- CVE-2023-28206 and CVE-2023-28205 in April
- CVE-2023-23529 in February