Actively Exploited Apple Zero-Day Affects iPhone Kernel

Apple has addressed multiple security vulnerabilities in an emergency patch drop, one of which is a zero-day vulnerability tracked as CVE-2023-38606 being actively exploited in the wild.

This is the latest resolved zero-day bug in a series of 11 such flaws affecting its software in 2023 alone. In its advisory, the company noted that the vulnerability can be exploited on iPhones and iPads by an app that may have malicious intentions to potentially modify the sensitive kernel state.

It also stated that this vulnerability was addressed with improved state management, and that "Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1."

Five Kaspersky security researchers were credited with finding the flaw; that team also earlier this year discovered a series of Apple zero-day flaws connected to "Operation Triangulation," a sophisticated iOS cyberespionage spy campaign that proved to be ongoing since 2019. The three relevant vulnerabilities — used to deploy TriangleDB spying implants on iOS devices — are known as CVE-2023-46690, CVE-2023-32434, and CVE-2023-32439.

The latest patches are available for multiple Apple products, including the iPhone 8 and later, all iPad Pro models, and the iPad Air 3rd generation, iPad 5th generation, and iPad mini 5th generation and later.