Request a Demo
Rewterz
Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
May 22, 2023
Rewterz
Rewterz Threat Advisory –ICS: Johnson Controls OpenBlue Enterprise Manager Data Collector Vulnerabilities
May 22, 2023

Rewterz Threat Advisory – Multiple Apple iOS and iPadOS Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-32397 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the Shell component. By persuading a victim to open a specially crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.

CVE-2023-32410 CVSS:5.5

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the IOSurface component. By persuading a victim to open a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive kernel state information, and use this information to launch further attacks against the affected system.

CVE-2023-28181 CVSS:7.8

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the CoreCapture comment. By persuading a victim to open a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.

CVE-2023-23532 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in Apple Neural Engine component. By persuading a victim to open a specially crafted application, an attacker could exploit this vulnerability to break out of its sandbox.

CVE-2023-32404 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in the Shortcuts component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.

CVE-2023-32367 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a flaw in the Security component. By persuading a victim to open a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data, and use this information to launch further attacks against the affected system.

CVE-2023-32385 CVSS:5.5

Apple iOS and iPadOS are vulnerable to a denial of service, caused by a flaw in the PDFKit component. By persuading a victim to open a specially crafted PDF file, a remote attacker could exploit this vulnerability to cause unexpected app termination.

CVE-2023-32352 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the LaunchServices component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to bypass Gatekeeper checks.

CVE-2023-32371 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in the Associated Domains component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to break out of its sandbox.

CVE-2023-32400 CVSS:7.7

Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an improper permission flaw in the Accessibility component. By using a specially-crafted application, an attacker could exploit this vulnerability to grant entitlements and privacy permissions.

CVE-2023-32391 CVSS:3.5

Apple iOS and iPadOS could allow a physical attacker to bypass security restrictions, caused by a flaw in the Shortcuts component. By perform specially crafted operations, an attacker could exploit this vulnerability to use sensitive data with certain actions without prompting the user.

CVE-2023-32365 CVSS:3.5

Apple iOS and iPadOS could allow a physical attacker to bypass security restrictions, caused by a flaw in the Photos component. By perform specially crafted operations using Shake-to-undo, an attacker could exploit this vulnerability to allow deleted photo to be re-surfaced without authentication.

CVE-2023-32419 CVSS:9.8

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Cellular component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-32411 CVSS:5.5

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in the AppleMobileFileIntegrity component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.

Impact

  • Code Execution
  • Denial of Service
  • Security Bypass
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2023-32397
  • CVE-2023-32410
  • CVE-2023-28181
  • CVE-2023-23532
  • CVE-2023-32404
  • CVE-2023-32367
  • CVE-2023-32385
  • CVE-2023-32352
  • CVE-2023-32371
  • CVE-2023-32400
  • CVE-2023-32391
  • CVE-2023-32365
  • CVE-2023-32419
  • CVE-2023-32411

Affected Vendors

Apple

Affected Products

  • Apple iOS 15.7.5
  • Apple iPadOS 15.7.5
  • Apple iOS 16.4
  • Apple iPadOS 16.4

Remediation

Refer to Apple Security Advisory for patch, upgrade or suggested workaround information.

Apple iOS and iPadOS 15.7.5

Apple iOS and iPadOS 16.4