Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Apple
has
revised
the

security
advisories
it
released
last
month
to
include
three
new
vulnerabilities
impacting

iOS,
iPadOS,
and

macOS.

The
first
flaw
is
a

race
condition
in
the
Crash
Reporter
component
(CVE-2023-23520)
that
could
enable
a
malicious
actor
to
read
arbitrary
files
as
root.
The
iPhone
maker
said
it
addressed
the
issue
with
additional
validation.

The
two
other
vulnerabilities,
credited
to
Trellix
researcher
Austin
Emmitt,
reside
in
the

Foundation
framework
(CVE-2023-23530
and
CVE-2023-23531)
and
could
be
weaponized
to
achieve
code
execution.

“An
app
may
be
able
to
execute
arbitrary
code
out
of
its
sandbox
or
with
certain
elevated
privileges,”
Apple
said,
adding
it
patched
the
issues
with
“improved
memory
handling.”

The
medium
to
high-severity
vulnerabilities
have
been
patched
in
iOS
16.3,
iPadOS
16.3,
and
macOS
Ventura
13.2
that
were
shipped
on
January
23,
2023.

Trellix,
in
its
own
report
on
Tuesday,

classified
the
two
flaws
as
a
“new
class
of
bugs
that
allow
bypassing
code
signing
to
execute
arbitrary
code
in
the
context
of
several
platform
applications,
leading
to
escalation
of
privileges
and
sandbox
escape
on
both
macOS
and
iOS.”

The
bugs
also
bypass
mitigations
Apple
put
in
place
to
address
zero-click
exploits
like

FORCEDENTRY
that
was
leveraged
by
Israeli
mercenary
spyware
vendor
NSO
Group
to
deploy
Pegasus
on
targets’
devices.

As
a
result,
a
threat
actor
could
exploit
these
vulnerabilities
to
break
out
of
the
sandbox
and
execute
malicious
code
with
elevated
permissions,
potentially
granting
access
to
calendar,
address
book,
messages,
location
data,
call
history,
camera,
microphone,
and
photos.

Even
more
troublingly,
the
security
defects
could
be
abused
to
install
arbitrary
applications
or
even
wipe
the
device.
That
said,
exploitation
of
the
flaws
requires
an
attacker
to
have
already
obtained
an
initial
foothold
into
it.

“The
vulnerabilities
above
represent
a
significant
breach
of
the
security
model
of
macOS
and
iOS
which
relies
on
individual
applications
having
fine-grained
access
to
the
subset
of
resources
they
need
and
querying
higher
privileged
services
to
get
anything
else,”
Emmitt
said.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts