CVE-2023-41064

Vulnerability updated a month ago (2024-11-29T14:35:37.214Z)
Download STIX
Preview STIX
CVE-2023-41064 is a software vulnerability, specifically a buffer overflow issue found in the iOS ImageIO component. This flaw was discovered and reported by researchers at Citizen Lab in early September. It was being actively exploited as part of an exploit chain, along with another vulnerability (CVE-2023-41061), to infect devices with NSO Group's Pegasus spyware. Both vulnerabilities were rapidly addressed by Apple, which issued two CVEs and advised all users to install new security patches. The exploitation of CVE-2023-41064 was consistent with NSO Group's BLASTPASS exploit, as confirmed by Amnesty International. After the discovery, Apple promptly patched this vulnerability through a software update in September. Despite the severity of the vulnerability, Apple noted that it did not seem to affect devices that had its "Lockdown Mode" enabled. This mode restricts non-essential iOS features to reduce the device's overall attack surface and is designed for users who may be subject to targeted attacks. Citizen Lab's quick identification and reporting of these zero-day flaws, coupled with Apple's rapid response and patch cycle, played a critical role in mitigating the potential damage. The incident underscores the importance of collaboration between cybersecurity researchers, organizations, and software developers in identifying and addressing security threats. The affected victims and their organizations also played a key role in this collaborative effort.
Description last updated: 2024-05-04T16:08:49.879Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apple
Exploit
Vulnerability
Ios
Spyware
Google
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Pegasus Malware is associated with CVE-2023-41064. Pegasus is a highly controversial and sophisticated malware, developed by Israel's NSO Group, designed to covertly monitor and extract data from iOS and Android smartphones. Once installed, Pegasus can intercept messages, emails, media, and passwords, and track location data, all while evading detecUnspecified
2
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The CVE-2023-41061 Vulnerability is associated with CVE-2023-41064. CVE-2023-41061 is a significant software vulnerability that was discovered in Apple's Wallet frameworks. This flaw allows for remote code execution, making it possible for malicious actors to execute arbitrary code on vulnerable devices through the manipulation of a "validation issue". The discoveryUnspecified
2
Source Document References
Information about the CVE-2023-41064 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CISA
a month ago
CERT-EU
10 months ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
DARKReading
a year ago
Malwarebytes
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago