CISA Lists Apple iOS and iPadOS Memory Corruption Bugs in its Known Exploited Vulnerabilities Catalog

March 7, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities pertain to Apple's iOS and were actively exploited in attacks against iPhone devices.

The first vulnerability, CVE-2024-23225, is a kernel memory corruption flaw. Apple has addressed this flaw with improved validation. The advisory for this flaw states, “An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.”

The second vulnerability, CVE-2024-23296, is a RTKit memory corruption flaw. Much like the first, Apple has addressed this flaw with improved validation. The advisory for this flaw continues, “An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.”

Apple has confirmed that both vulnerabilities have been actively exploited. The company statement reads, “Apple is aware of a report that this issue may have been exploited.” The devices impacted by these vulnerabilities include iPhone XS and later models, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.

Apple has addressed these vulnerabilities with the release of iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6. iPhone vulnerabilities are often exploited by commercial spyware vendors or nation-state actors, typically targeting dissidents and journalists.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal agencies are required to address these vulnerabilities by March 27, 2024, to protect their networks from attacks exploiting these flaws. Experts also advise private organizations to review the Catalog and address the vulnerabilities in their infrastructure.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.