Apple Patches Zero-Days Actively Exploited to Deliver Pegasus Spyware

September 8, 2023

Citizen Lab researchers have disclosed that the zero-day vulnerabilities recently fixed by Apple were being actively exploited to deliver the Pegasus spyware, developed by NSO Group. The two vulnerabilities, identified as CVE-2023-41064 and CVE-2023-41061, were used in combination as part of a zero-click exploit, dubbed BLASTPASS, to target iPhones running the latest iOS version, 16.6.

The exploit was discovered during an examination of a device belonging to an individual who works for a civil society organization based in Washington DC with international offices. The researchers found that the exploit used PassKit attachments containing malicious images, sent to the victim from an attacker's iMessage account.

Citizen Lab's report states, “Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware.” The report further reads, “We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim. The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim.”

Citizen Lab intends to publish more technical details about the BLASTPASS exploit chain in the future. In the meantime, they are urging iPhone users to promptly update their devices. The research group highlighted the ongoing threats faced by civil society from threat actors employing highly sophisticated exploits and spyware.

In 2023, Apple has already patched 13 zero-day vulnerabilities that were being actively exploited. The list of these fixed flaws is as follows: .
