iOS 16.3[.1] fixed loophole that allowed arbitrary code execution

Apple yesterday added three new security notes related to iOS 16.3 and one related to iOS 16.3.1. The first three refer to a vulnerability that allowed arbitrary code to be executed on iPhones, iPads and Macs, circumventing the devices' security protections.

According to Trellix, the flaws are of medium to high severity. They were initially revealed when Citizen Lab discovered ForcedEntry, a vulnerability requiring no interaction that was used to hack a Saudi Arabian activist’s iPhone. This loophole exploited NSPredicate, a tool responsible for filtering code on Apple systems.

With that, an attacker could access areas of the system that should remain secure, such as SpringBoard, which manages the iPhone’s Home screen and has access to location data, photos and the camera. According to Doug McKee, director of vulnerability research at Trellix, the breach represents a high level of sophistication and was exploited in an area where attacks were not even thought to exist.

The first iOS 16.3 security note refers to the flaw classified as CVE-2023-23520, which allowed arbitrary files to be read as root. The second and third, classified as CVE-2023-23530 and CVE-2023-23531 respectively, allowed an application to execute arbitrary code outside the sandbox and with elevated privileges.

The iOS 16.3.1 security note, meanwhile, mentions the processing of a malicious certificate that could lead to a denial-of-service (DoS) attack. There is also another note regarding a vulnerability in WebKit, also involving malicious code execution, which “may have been actively exploited”.

Both iOS 16.3.1 and macOS Ventura 13.2.1 (yes, Macs are also affected to some extent), as well as later versions, fix these flaws. Update your devices now to avoid headaches!

via 9to5Mac
