Apple has swiftly responded to critical security concerns by releasing urgent updates to rectify two actively exploited zero-day vulnerabilities. These vulnerabilities, CVE-2024-23225 and CVE-2024-23296, pose significant risks, allowing attackers with arbitrary kernel read and write capabilities to bypass crucial kernel memory protections. Apple has addressed these issues through enhanced validation mechanisms implemented in iOS 17.4, iPadOS 17.4, iOS 16.7.6, and iPadOS 16.7.6.
The updates cover a wide range of Apple devices, including iPhones and iPads, with specific models such as iPhone 8 and later, as well as iPad Pro models from the 2nd generation onwards. This release marks the third instance this year in which the company has tackled actively exploited zero-day vulnerabilities. Previously, Apple addressed a confusion flaw in WebKit, which could lead to arbitrary code execution across various Apple platforms, including iOS, iPadOS, macOS, tvOS, and the Safari web browser.
Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged two additional vulnerabilities, urging prompt updates to mitigate potential risks. These are an information disclosure flaw affecting Android Pixel devices (CVE-2023-21237) and an operating system command injection flaw in Sunhillo SureLine (CVE-2021-36380), which could result in code execution with root privileges. With indications of limited, targeted exploitation of CVE-2023-21237 and earlier reports of a Mirai botnet leveraging CVE-2021-36380, addressing these vulnerabilities remains critical to bolstering the overall cybersecurity posture.