⚠ Actively exploited
Added to CISA KEV on 2023-07-26. Federal agencies required to patch by 2023-08-16. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CVE-2023-38606: Apple iOS and iPadOS vulnerability

39 documents, 10 sources

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.1% (top 70.03%)
CISA KEV: Added 2023-07-26, due 2023-08-16
Exploit: Exploited in wild; active exploitation observed

Timeline
KEV added: Jul 26
Published: Jul 27
KEV due: Aug 16
Latest update: Mar 26

Description

This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 1.8 | Impact: 3.6

Affected Packages (16 packages)

Apple | apple/macos_monterey | 12.6.8
CVEListV5 | apple/macos | unspecified | 13.5 | +2
NVD | apple/macos | 11.0 | 11.7.9 | +2
Apple | apple/macos_big_sur | 11.7.9

🔴 Vulnerability Details (2)

GHSA | GHSA-8fwg-w59v-g942: This issue was addressed with improved state management | 2023-07-27
VulnCheck | Apple Multiple Products Kernel Unspecified Vulnerability | 2023

📋 Vendor Advisories (8)

CISA | Apple Multiple Products Kernel Unspecified Vulnerability | 2023-07-26
Apple | CVE-2023-38606: iOS 16.6 and iPadOS 16.6 | 2023-07-24
Apple | CVE-2023-38606: macOS Monterey 12.6.8 | 2023-07-24
Apple | CVE-2023-38606: watchOS 9.6 | 2023-07-24
Apple | CVE-2023-38606: macOS Big Sur 11.7.9 | 2023-07-24

🕵️ Threat Intelligence (28)

Securelist | Coruna: the framework used in Operation Triangulation | 2026-03-26
Bleepingcomputer | Coruna iOS exploit framework linked to Triangulation attacks | 2026-03-26
Hackernews | Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks | 2026-03-26
Bleepingcomputer | Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks | 2025-03-11
Bleepingcomputer | Apple fixes zero-day exploited in 'extremely sophisticated' attacks | 2025-02-10