CVE-2023-41061

Vulnerability updated 5 months ago (2024-05-04T18:44:56.027Z)
CVE-2023-41061 is a significant software vulnerability discovered in Apple's Wallet frameworks. It is a validation issue that allows remote code execution: a malicious actor who exploits it can execute arbitrary code on a vulnerable device. The discovery and subsequent exploitation of this vulnerability were part of a broader series of events involving several zero-day exploits.

In September 2023, Citizen Lab disclosed the existence of CVE-2023-41061 along with other zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993). These vulnerabilities were exploited as part of a sophisticated zero-click exploit chain named BLASTPASS, which was used to infect fully patched iPhones with NSO Group's Pegasus spyware. Prior to this, Apple had released patches for another vulnerability (CVE-2023-41990) in January 2023 but only made details about its exploitation public on September 8, 2023, when it also shipped iOS 16.6.1 to resolve CVE-2023-41061 and CVE-2023-41064.

Apple acted swiftly upon these disclosures, issuing emergency security updates to address the vulnerabilities. However, reports indicate that these vulnerabilities, including CVE-2023-41061, continued to be actively exploited. The situation underscored how difficult it is to maintain robust security even within highly secure ecosystems like Apple's, and highlighted the importance of continuous vigilance and rapid response to new threats.
Description last updated: 2024-05-04T16:08:51.610Z
Aliases
We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apple
Exploit
Associated Malware
Description: The Pegasus Malware is associated with CVE-2023-41061. Pegasus is a sophisticated malware developed by the Israeli company, NSO Group. It is a zero-click espionage tool that can be deployed without user interaction, making it highly effective and intrusive. The spyware was used to target various individuals, including Russian journalist Galina Timchenko
Association Type: Unspecified
Votes: 2
Associated Vulnerabilities
Description: The CVE-2023-41064 Vulnerability is associated with CVE-2023-41061. CVE-2023-41064 is a software vulnerability, specifically a buffer overflow issue found in the iOS ImageIO component. This flaw was discovered and reported by researchers at Citizen Lab in early September. It was being actively exploited as part of an exploit chain, along with another vulnerability (
Association Type: Unspecified
Votes: 2
Source Document References
Information about the CVE-2023-41061 Vulnerability was read from the documents corpus below. This display is limited to 20 results.
Source, Created At
CERT-EU, 7 months ago
CERT-EU, 7 months ago
CERT-EU, 9 months ago
CERT-EU, 10 months ago
CERT-EU, 10 months ago
CERT-EU, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
CERT-EU, a year ago
CERT-EU, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
CERT-EU, a year ago
Securityaffairs, a year ago