CVE-2023-32434

Vulnerability updated 5 months ago (2024-11-29T14:13:18.593Z)

Download STIX

Preview STIX

CVE-2023-32434 is a high severity software vulnerability that allows for arbitrary code execution with kernel privileges. This flaw, along with two others (CVE-2023-32435 and CVE-2023-32439), were identified as zero-days in June 2023, exploited to deploy the Triangulation spyware via iMessage. The same month, Apple recognized and addressed these vulnerabilities with the release of iOS/iPadOS 16.5.1 and iOS/iPadOS 15.7.7, on June 21, 2023. The subsequent months saw a series of interventions to address various zero-day vulnerabilities, including CVE-2023-32434. In particular, this vulnerability was leveraged again in a shellcode that activated another kernel exploit using a Mach object file, alongside CVE-2023-38606. These incidents underlined the persistence and severity of CVE-2023-32434, which remained a critical security concern despite initial patches. To comprehensively tackle these threats, Apple released security updates addressing four zero-day vulnerabilities: CVE-2023-32434, CVE-2023-32435, CVE-2023-38606, and CVE-2023-41990. These updates aimed to secure a wide range of Apple products, including iPhones, iPods, iPads, macOS devices, Apple TV, and Apple Watch. By doing so, Apple demonstrated its commitment to maintaining robust security measures against evolving cyber threats.

Description last updated: 2024-03-14T17:23:06.340Z

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Apple

Vulnerability

Exploit

Operation Tr...

Zero Day

Ios

Macos

Webkit

exploited

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The TriangleDB Malware is associated with CVE-2023-32434. TriangleDB is a sophisticated malware implant targeting iOS devices, discovered as part of a likely state-sponsored cyber-espionage campaign named Operation Triangulation. The malware was first disclosed by Kaspersky researchers in June, revealing its deployment through a new zero-click iOS attack.	Unspecified	2

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The cve-2023-38606 Vulnerability is associated with CVE-2023-32434. CVE-2023-38606 is a significant kernel flaw that affects iOS, iPadOS, and macOS-powered devices. This vulnerability was actively exploited against versions of iOS released before iOS 15.7.1. Threat actors exploited this zero-day to gain root privileges on a victim’s iOS device, and then deployed an	Unspecified	3
The vulnerability cve-2023-32435 is associated with CVE-2023-32434.	Unspecified	3
The CVE-2023-32439 Vulnerability is associated with CVE-2023-32434. CVE-2023-32439 is a significant vulnerability discovered in Apple's WebKit browser engine. This flaw stems from a type confusion issue that could lead to arbitrary code execution if an affected device processes maliciously crafted web content. The vulnerability was reported by an anonymous source an	Unspecified	2
The vulnerability CVE-2023-41990 is associated with CVE-2023-32434.	Unspecified	2

Source Document References

Information about the CVE-2023-32434 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	a year ago	Patch Now: Apple Zero-Day Exploits Bypass Kernel Security
Securelist	a year ago	Malware report Q1 2024 – quarter review
CERT-EU	a year ago	Apple Zero-Day Exploits Bypass Kernel Security \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	a year ago	Apple แก้ไขช่องโหว่ Zero-Day บน iOS ที่กำลังถูกใช้โจมตี iPhone - Bangkok, Thailand \| i-secure Co, Ltd.
CERT-EU	a year ago	Apple Fixes Actively Exploited Zero-Days in iOS (CVE-2024-23225)
CERT-EU	a year ago	Operation Triangulation: talk on 37С3
CERT-EU	a year ago	"Forgotten" debugging registers enabled Triangulation exploit against iPhones
CERT-EU	a year ago	The biggest cybersecurity and cyberattack stories of 2023
DARKReading	a year ago	‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections
Securityaffairs	a year ago	Operation Triangulation attacks relied on an undocumented hardware feature
CERT-EU	a year ago	'Operation Triangulation' exposes advanced iMessage attack on security firm
CERT-EU	a year ago	iPhone 0-click spyware campaign 'Triangulation' detailed
CERT-EU	a year ago	Operation Triangulation: talk on 37С3
CERT-EU	a year ago	Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature
CERT-EU	a year ago	iPhone Triangulation attack abused undocumented hardware feature
CERT-EU	a year ago	Operation Triangulation: The last (hardware) mystery – GIXtools
CERT-EU	a year ago	Operation Triangulation: The last (hardware) mystery
CERT-EU	a year ago	Apple emergency updates fix recent zero-days on older iPhones
CERT-EU	a year ago	CVE-2023-42916: Apple Zero-Days Exploited in the Wild
Securityaffairs	a year ago	Apple addressed 2 new iOS zero-day vulnerabilities