cve-2023-38606

Vulnerability updated 5 months ago (2024-11-29T13:34:13.289Z)
CVE-2023-38606 is a significant kernel flaw that affects iOS, iPadOS, and macOS-powered devices. It was actively exploited as a zero-day, primarily against devices running older iOS versions released before iOS 15.7.1. Threat actors used it to gain root privileges on a victim’s iOS device and then deployed an implant known as 'TriangleDB.'

Apple patched the vulnerability on July 25, 2023. The company issued a Rapid Security Response update in iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1, and also in Safari (16.5.2) via a regular update. This comprehensive approach ensured that the fix reached users of older macOS versions as well. The patch addressed the zero-day kernel vulnerability across all Apple operating systems, including iOS, iPadOS, macOS, watchOS, and tvOS.

Despite the prompt response from Apple, the latest updates arrived more than a month after the company initially shipped fixes for the actively exploited kernel flaw. This time gap could have exposed numerous devices to security risks. With the patches now available, all users should update their devices to the latest software versions to protect against such threats.
Description last updated: 2024-05-04T16:15:11.667Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apple
Operation Tr...
Vulnerability
Associated Vulnerabilities
| Alias Description | Association Type | Votes |
| --- | --- | --- |
| The CVE-2023-32434 Vulnerability is associated with cve-2023-38606. CVE-2023-32434 is a high severity software vulnerability that allows for arbitrary code execution with kernel privileges. This flaw, along with two others (CVE-2023-32435 and CVE-2023-32439), was identified as a zero-day in June 2023, exploited to deploy the Triangulation spyware via iMessage. The s | Unspecified | 3 |
Source Document References
Information about the cve-2023-38606 Vulnerability was read from the documents corpus below. This display is limited to 20 results.
| Source Link | Created At |
| --- | --- |
| Securelist | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| DARKReading | a year ago |
| CERT-EU | a year ago |
| Securityaffairs | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| Securityaffairs | a year ago |
| CERT-EU | 2 years ago |