Blastpass

Vulnerability Profile Updated 3 months ago
Blastpass is a significant software vulnerability that Citizen Lab revealed in September 2023. The flaw, which resides in Apple's software design and implementation, has been exploited by attackers to infiltrate devices with Pegasus spyware. The exploit is particularly potent because it uses a zero-click mechanism, allowing an attacker to compromise a device without any user interaction. It was found being actively exploited in attacks on iPhones running the latest version of iOS (16.6), so even devices with up-to-date software were affected.

The Blastpass vulnerability was added to the Known Exploited Vulnerabilities Catalog by the US Cybersecurity and Infrastructure Security Agency (CISA), which highlights the severity and widespread exploitation of the flaw. The individual associated with exploiting this vulnerability is known to use the Apple ID [email protected].

The Blastpass exploit has been linked to multiple cyberattacks over the past several decades, including the infamous Morris worm of 1988, through its root cause: memory safety vulnerabilities. Anjana Rajan, Assistant National Cyber Director for Technology Security, emphasized the gravity of these memory safety vulnerabilities, citing high-profile cyberattacks like the Slammer worm of 2003, Heartbleed in 2014, Trident in 2016, and the recent Blastpass in 2023. These attacks have resulted in substantial real-world damage to systems that society relies on every day. Therefore, the elimination of memory-safety vulnerabilities is crucial to prevent such cyberattacks in the future.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
| --- | --- | --- |
| CVE-2023-41061 | 1 | CVE-2023-41061 is a significant software vulnerability that was discovered in Apple's Wallet frameworks. This flaw allows for remote code execution, making it possible for malicious actors to execute arbitrary code on vulnerable devices through the manipulation of a "validation issue". The discovery |
| CVE-2023-41064 | 1 | CVE-2023-41064 is a software vulnerability, specifically a buffer overflow issue found in the iOS ImageIO component. This flaw was discovered and reported by researchers at Citizen Lab in early September. It was being actively exploited as part of an exploit chain, along with another vulnerability ( |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
iOS
Spyware
Zero Day
Vulnerability
iPadOS
Apple
Worm
iMessage
Cybercrime
Google
Traversal
Tool
Palestine
NSO Group
Malware
Exploits
Israeli
Linux
Chrome
Known Exploi...
Associated Malware
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Pegasus | Unspecified | 5 | Pegasus is a highly sophisticated malware developed by the NSO Group, known for its advanced and invasive capabilities. It is classified as mercenary spyware, often used by governments to target individuals such as journalists, political activists, and others of interest. Pegasus is particularly not |
Associated Threat Actors
No associations to display
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| CVE-2023-4863 | Unspecified | 1 | CVE-2023-4863 is a critical vulnerability that has been identified in various major software applications, including Microsoft Windows and Server, Microsoft Edge, Microsoft Office, Word and 365 Apps, Google Chrome, Mozilla Firefox and Thunderbird, and the libwebp library used for handling WebP bitma |
Source Document References
Information about the Blastpass Vulnerability was read from the documents corpus below.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | 5 months ago | White House Calls on Software Devs to go 'Memory Safe' for a Secure Future - National Cyber Security Consulting |
| CERT-EU | 5 months ago | White House: Use memory-safe programming languages to protect the nation - Help Net Security |
| CERT-EU | 5 months ago | White House to Software Developers: Use Memory Safe Languages |
| CERT-EU | 5 months ago | White House urges software developers to use memory-safe programming languages |
| InfoSecurity-magazine | 5 months ago | White House Urges Tech Industry to Eliminate Memory Safety Vulnerabili |
| CERT-EU | 5 months ago | 16 - 19 April : Black Hat Announces Content Lineup for Black Hat Asia 2024 – Global Security Mag Online |
| CERT-EU | 7 months ago | Is Pegasus spyware targeting journalists in India? |
| CERT-EU | 7 months ago | Pegasus Spyware found on Indian journalists’ phones after Apple alert: Amnesty International |
| CERT-EU | 7 months ago | Apple warnings of possible government hacking drew ire of Indian officials - National Cyber Security Consulting |
| CERT-EU | 8 months ago | Jamf Threat Labs: Fake Lockdown Mode proof of concept |
| CERT-EU | 8 months ago | Fake Lockdown Mode Exposes iOS Users to Malware Attacks |
| CERT-EU | 8 months ago | CVE-2023-42916: Apple Zero-Days Exploited in the Wild |
| Securityaffairs | a year ago | Zero-days fixed by Apple were used to deliver Pegasus spyware |
| InfoSecurity-magazine | a year ago | Apple Patches Two Zero-Days Exploited in Pegasus Attacks |
| CERT-EU | 10 months ago | Recently patched Apple, Chrome zero-days exploited in spyware attacks |
| CERT-EU | 9 months ago | Apple fixes iOS Kernel zero-day vulnerability on older iPhones |
| Securityaffairs | 10 months ago | Watch out! CVE-2023-5129 in libwebp library affects millions apps |
| CERT-EU | 10 months ago | Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score |
| CERT-EU | 10 months ago | Google assigns new maximum rated CVE to libwebp bug exploited in attacks |
| Malwarebytes | 10 months ago | Emergency update! Apple patches three zero-days |