CVE-2024-23296
Published 2024-03-05
High · 7.8 · CVSS 3.1
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
KEV · ITW
CISA Known Exploited Vulnerability · due 2024-03-27
Exploited in the wild
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.7.8_and_ipados | — | — |
| apple | ios_17.4_and_ipados | — | — |
| apple | ios_and_ipados | < 16.7.8 | 16.7.8 |
| apple | ios_and_ipados | < 17.4 | 17.4 |
| apple | ipados | < 16.7.8 | 16.7.8 |
| apple | ipados | >= 17.0 < 17.4 | 17.4 |
| apple | iphone_os | < 16.7.8 | 16.7.8 |
| apple | iphone_os | >= 17.0 < 17.4 | 17.4 |
| apple | macos | < 12.7.6 | 12.7.6 |
| apple | macos | < 13.6.7 | 13.6.7 |
| apple | macos | < 14.4 | 14.4 |
| apple | macos | >= 12.0 < 12.7.6 | 12.7.6 |
| apple | macos | >= 13.0 < 13.6.7 | 13.6.7 |
| apple | macos | >= 14.0 < 14.4 | 14.4 |
| apple | macos_monterey | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 17.4 | 17.4 |
| apple | tvos | — | — |
| apple | visionos | < 1.1 | 1.1 |
| apple | visionos | — | — |
| apple | watchos | < 10.4 | 10.4 |
| apple | watchos | — | — |
CVSS provenance
nvd · v3.1 · 7.8 · HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck · 7.8 · HIGH
cisa · 7.8 · HIGH
GHSA
GHSA-v4rc-hq4f-4cmp: A memory corruption issue was addressed with improved validation
ghsa_unreviewed·2024-03-05
CVE-2024-23296 [HIGH] CWE-787 GHSA-v4rc-hq4f-4cmp: A memory corruption issue was addressed with improved validation
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
VulnCheck
Apple Multiple Products Memory Corruption Vulnerability
vulncheck·2024·CVSS 7.8
CVE-2024-23296 [HIGH] CWE-787 Apple Multiple Products Memory Corruption Vulnerability
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.
Affected: Apple Multiple Products
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Exploitation References: https://support.apple.com/en-us/HT214081; https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://isc.sans.edu/diary/Apple%20Patches%20Everything.%20July%202024%20Edition/31128; https://ti.qianxin.com/uploads/2024/08/19/2274f632
Apple
CVE-2024-23296: macOS Monterey 12.7.6
vendor_apple·2024-07-29·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: macOS Monterey 12.7.6
Apple Security Update: About the security content of macOS Monterey 12.7.6
Product: macOS Monterey
Version: 12.7.6
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: iOS 16.7.8 and iPadOS 16.7.8
vendor_apple·2024-05-13·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: iOS 16.7.8 and iPadOS 16.7.8
Apple Security Update: About the security content of iOS 16.7.8 and iPadOS 16.7.8
Product: iOS 16.7.8 and iPadOS
Version: 16.7.8
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: macOS Ventura 13.6.7
vendor_apple·2024-05-13·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: macOS Ventura 13.6.7
Apple Security Update: About the security content of macOS Ventura 13.6.7
Product: macOS Ventura
Version: 13.6.7
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: visionOS 1.1
vendor_apple·2024-03-07·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: visionOS 1.1
Apple Security Update: About the security content of visionOS 1.1
Product: visionOS
Version: 1.1
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: tvOS 17.4
vendor_apple·2024-03-07·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: tvOS 17.4
Apple Security Update: About the security content of tvOS 17.4
Product: tvOS
Version: 17.4
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: macOS Sonoma 14.4
vendor_apple·2024-03-07·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: macOS Sonoma 14.4
Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
CVE: CVE-2024-23296
Component: CVE-2024-23296
Apple
CVE-2024-23296: watchOS 10.4
vendor_apple·2024-03-07·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: watchOS 10.4
Apple Security Update: About the security content of watchOS 10.4
Product: watchOS
Version: 10.4
CVE: CVE-2024-23296
Component: CVE-2024-23296
CISA
Apple Multiple Products Memory Corruption Vulnerability
cisa·2024-03-06·CVSS 7.8
CVE-2024-23296 [HIGH] CWE-787 Apple Multiple Products Memory Corruption Vulnerability
Vulnerability: Apple Multiple Products Memory Corruption Vulnerability
Affected: Apple Multiple Products
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23296
Remediation Due Date: 2024-03-27
Apple
CVE-2024-23296: iOS 17.4 and iPadOS 17.4
vendor_apple·2024-03-05·CVSS 7.8
CVE-2024-23296 [HIGH] CVE-2024-23296: iOS 17.4 and iPadOS 17.4
Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4
Product: iOS 17.4 and iPadOS
Version: 17.4
CVE: CVE-2024-23296
Component: CVE-2024-23296
No detection rules found.
No public exploits indexed.
Securelist
Advanced threat predictions for 2025
blogs_securelist·2024-11-25·CVSS 8.8
[HIGH] Advanced threat predictions for 2025
Authors
- Igor Kuznetsov
- Giampaolo Dedola
- Georgy Kucherin
- Maher Yamout
- Vasily Berdnikov
- Isabel Manjarrez
- Ilya Savelyev
- Joao Godinho
We at Kaspersky’s Global Research and Analysis Team monitor over 900 APT (advanced persistent threat) groups and operations. At the end of each year, we take a step back to assess the most complex and sophisticated attacks that have shaped the threat landscape. These insights enable us to anticipate emerging trends and build a clearer picture of what the APT landscape may look like in the year ahead.
In this article in the KSB series, we review the trends of the past year, reflect on the predictions we made for 2024, and offer insights into what we can expect in
Trendmicro
The May 2024 Security Update Review
blogs_trendmicro·2024-05-14·CVSS 7.8
[HIGH] The May 2024 Security Update Review
# The May 2024 Security Update Review
Get the May 2024 security update and review.
By: Dustin Childs
2024/05/14
Welcome to the second Tuesday of May. As expected, Adobe and Microsoft have released their standard bunch of security patches. Take a break from your regular activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Apple Patches for May 2024
Apple kicked off the May release cycle with a group of updates for their macOS and iOS platforms. Most notable is a fix for CVE-2024-23296 for iOS 16.7.8 and iPadOS 16.7.8. This vulnerability is a memory corruption issue in RTKit that could allow attackers to bypass kernel memory protec
Bleepingcomputer
Apple backports fix for zero-day exploited in attacks to older iPhones
blogs_bleepingcomputer·2024-05-13·CVSS 6.5
CVE-2024-23296 [MEDIUM] Apple backports fix for zero-day exploited in attacks to older iPhones
## Apple backports fix for zero-day exploited in attacks to older iPhones
## Sergiu Gatlan
On March 5th, the company addressed the zero-day vulnerability (tracked as CVE-2024-23296) for newer iPhone, iPad, and Mac models.
Today, Apple backported the March security updates to address this security flaw on iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7 with improved input validation.
The list of devices patched today includes iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
## Three zero-days exploited in attacks patched in 2024
Apple has yet to disclose who disclosed the zero-day or whether it was discovered internally, and it has provided no information on the nature of the attacks exploiting it in the wild.
Even
Krebs
Patch Tuesday, March 2024 Edition
blogs_krebs·2024-03-12·CVSS 7.1
[HIGH] Patch Tuesday, March 2024 Edition
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws.
Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild (CVE-2024-23225 and CVE-2024-23296). The security updates are available in iOS 17.4, iPadOS 17.4, and iOS 16.7.6.
Apple’s macOS Sonoma 14.4 Security Update addresses dozens of security issues. Jason Kitka, chief information security officer at Automox, said the vulnerabilities patched in this u
https://support.apple.com/en-us/120881
https://support.apple.com/en-us/120882
https://support.apple.com/en-us/120883
https://support.apple.com/en-us/120893
https://support.apple.com/en-us/120895
https://support.apple.com/en-us/120898
https://support.apple.com/en-us/120900
https://support.apple.com/en-us/120910
http://seclists.org/fulldisclosure/2024/Jul/20
http://seclists.org/fulldisclosure/2024/Mar/18
http://seclists.org/fulldisclosure/2024/Mar/21
http://seclists.org/fulldisclosure/2024/Mar/24
http://seclists.org/fulldisclosure/2024/Mar/25
http://seclists.org/fulldisclosure/2024/Mar/26
http://seclists.org/fulldisclosure/2024/May/11
http://seclists.org/fulldisclosure/2024/May/13
https://support.apple.com/en-us/HT214081
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214086
https://support.apple.com/kb/HT214087
https://support.apple.com/kb/HT214088
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214118
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-23296
2024-03-05: Published
2024-03-06: Added to CISA KEV
Exploited in the wild