Apple announced on Tuesday the discovery of two iOS vulnerabilities that it believes may have been exploited. The tech giant released security updates for iOS 17.4 and iPadOS 17.4 to address the zero-day flaws known as CVE-2024-23225 and CVE-2024-23296. CVE-2024-23225 is described as a memory corruption issue affecting the kernel, potentially allowing attackers with arbitrary kernel read and write capabilities to bypass memory protections. On the other hand, CVE-2024-23296, although similar in description, is specific to RTKit, an operating system found in Apple chips, peripherals, and embedded devices.

The affected devices include the iPhone XS and later models, iPad Pro 12.9-inch 2nd generation and newer, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and beyond, as well as the iPad 6th generation and later, and iPad mini 5th generation and later.

Apple did not provide specific details or credit any researchers in their security advisory, but they did mention that both vulnerabilities may have been exploited in the wild. The company addressed these issues through “improved validation” but did not assign a CVSS score to the vulnerabilities at the time of the announcement.

Kaspersky, a well-known cybersecurity company, highlighted the concerning capability of these flaws to bypass kernel memory protections, potentially leading to privilege escalation. They also noted the absence of credited researchers, indicating a possible ongoing investigation. Kaspersky urged all iOS users to update their devices promptly to protect themselves from potential risks.

When approached for comments, an Apple spokesperson declined to provide any additional information.

These recent vulnerabilities, CVE-2024-23225 and CVE-2024-23296, mark the second and third zero-day flaws that Apple has addressed in 2024. The first zero-day, CVE-2024-23222, was resolved in January through a similar update. This particular flaw involved a type confusion issue in WebKit, where processing malicious web content could result in arbitrary code execution.

Apple has been forthcoming about disclosing zero-day vulnerabilities in recent years, with many of them linked to exploits utilized by the commercial spyware industry. In September of the same year, the company disclosed three vulnerabilities that impacted iOS and iPadOS. Researchers Bill Marczak from Citizen Lab and Maddie Stone from Google’s Threat Analysis Group were credited with discovering these zero-day flaws. Following the disclosure, Citizen Lab researchers published a blog post connecting the vulnerabilities to an exploit chain used to deliver Cytrox’s Predator spyware.

The continuous discovery and remediation of these vulnerabilities underscore the importance of ongoing vigilance in cybersecurity efforts. Users are advised to stay updated with the latest security patches and take necessary precautions to safeguard their data and devices from potential threats.

As the cybersecurity landscape evolves, industry experts continue to collaborate and innovate to address emerging challenges and protect digital ecosystems against malicious actors and cyber threats.

Source link