Reference:
Advisory #2023-038
Version:
1.0
Affected software:
iOS
iPadOS
macOS Big Sur
macOS Monterey
macOS Ventura
Type:
Out-of-bounds write and use after free issues
CVE/CVSS:
CVE-2023-28205
CVE-2023-28206
Apple: macOS Big Sur 11.7.6 - https://support.apple.com/en-us/HT213725
Apple: iOS 15.7.5 and iPadOS 15.7.5 - https://support.apple.com/en-us/HT213723
Apple: macOS Monterey 12.6.5 - https://support.apple.com/en-us/HT213724
Apple: Safari 16.4.1 - https://support.apple.com/en-us/HT213722
Apple: iOS 16.4.1 and iPadOS 16.4.1 - https://support.apple.com/en-us/HT213720
Apple: macOS Ventura 13.3.1 - https://support.apple.com/en-us/HT213721
Apple has released security updates for iOS, iPadOS, macOS, and Safari to address two critical vulnerabilities. Apple has stated they are aware these issues are actively exploited. CISA has added these vulnerabilities to their Known Exploited Vulnerabilities (KEV) list.
These vulnerabilities could allow an attacker to run malicious code on a vulnerable device and elevate their privileges.
CVE-2023-28205
* A flaw in "IOSurfaceAccelerator" might allow an app to execute code with kernel privileges.
CVE-2023-28206
* Executing maliciously crafted web content may lead to arbitrary code execution.
The Centre for Cybersecurity Belgium recommends that system administrators patch vulnerable systems as soon as possible and analyse system and network logs for any suspicious activity.
Update the installation to one of the latest versions:
* macOS Big Sur 11.7.6
* macOS Monterey 12.6.5
* iOS 15.7.5 and iPadOS 15.7.5
* Safari 16.4.1
* iOS 16.4.1 and iPadOS 16.4.1
* macOS Ventura 13.3.1
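To check a device inventory against the fixed releases listed above, the following added example (not part of the CCB advisory) compares each reported version with the fixed release for its major branch. The CSV layout, hostnames and status labels are assumptions made for illustration; branches the advisory does not list are reported as "not-listed" rather than guessed.

```python
import csv
import io

# Fixed releases from the advisory's update list, keyed by (product, major version).
FIXED = {
    ("macOS", 11): (11, 7, 6), ("macOS", 12): (12, 6, 5), ("macOS", 13): (13, 3, 1),
    ("iOS", 15): (15, 7, 5), ("iOS", 16): (16, 4, 1),
    ("iPadOS", 15): (15, 7, 5), ("iPadOS", 16): (16, 4, 1),
    ("Safari", 16): (16, 4, 1),
}

# Constructed sample inventory (hostnames and versions are made up for illustration).
SAMPLE_INVENTORY = """\
host,product,version
mbp-finance-01,macOS,13.3
mbp-dev-07,macOS,12.6.5
imac-lobby,macOS,11.7.4
iphone-sales-3,iOS,16.4.1
ipad-kiosk-2,iPadOS,15.7.3
iphone-old-1,iOS,14.8.1
"""

def parse_version(text):
    """Turn '13.3' into (13, 3, 0) so that 13.3 sorts below 13.3.1."""
    # Keep only the dotted number; ignore any suffix after whitespace.
    parts = [int(p) for p in text.split()[0].split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def patch_status(product, version):
    """Return 'patched', 'needs-update' or 'not-listed' for one device."""
    ver = parse_version(version)
    fixed = FIXED.get((product, ver[0]))
    if fixed is None:
        # Branch not covered by the advisory's update list: review manually.
        return "not-listed"
    return "patched" if ver >= fixed else "needs-update"

def audit(inventory_csv):
    """Return (host, status) pairs for a CSV with host,product,version columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["host"], patch_status(r["product"], r["version"])) for r in rows]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY):
        print(f"{host:16} {status}")
```

On a Mac the version string can be read with `sw_vers -productVersion`; devices reported as "not-listed" need a manual check against Apple's security release pages.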