CVERadar

CVE-2024-23225

Severity: Critical
Vendor: Apple
SVRS: 70/100
CVSSv3: 7.8/10
EPSS: 0.00038/1

CVE-2024-23225 is a memory corruption vulnerability in iOS and iPadOS that could allow an attacker with kernel read/write privileges to bypass memory protections. Apple reports this issue may have been actively exploited, making patching immediately critical. This vulnerability has been addressed in iOS 16.7.6, iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. While the CVSS score is 7.8, SOCRadar's Vulnerability Risk Score (SVRS) is 70, indicating a high risk. Although the SVRS is not above the "critical" threshold of 80, the presence of active exploits in the wild and its inclusion in the CISA KEV catalog emphasizes the urgency to patch. Successful exploitation could lead to complete system compromise. Organizations should prioritize updating their Apple devices to the latest versions to mitigate this significant threat.

In The Wild
Exploit Available
CISA KEV
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2024-03-05

2025-02-13
SOCRadar
AI Insight

Description:

CVE-2024-23225 is a memory corruption vulnerability in iOS and iPadOS that could allow an attacker with arbitrary kernel read and write capability to bypass kernel memory protections. The vulnerability has a CVSS score of 7.8 and a SOCRadar Vulnerability Risk Score (SVRS) of 72, indicating a high level of severity.

Key Insights:

  • Active Exploitation: Active exploits have been published for this vulnerability, indicating that it is being actively exploited by hackers.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, calling for immediate and necessary measures.
  • Threat Actors: Apple is aware of a report that this issue may have been exploited, but specific threat actors or APT groups have not been identified.
  • In the Wild: The vulnerability is actively exploited by hackers, making it a critical threat to organizations and individuals.

Mitigation Strategies:

  • Update Software: Install the latest iOS or iPadOS updates (iOS 16.7.6, iPadOS 16.7.6, iOS 17.4, or iPadOS 17.4) to patch the vulnerability.
  • Restrict Network Access: Limit network access to trusted devices and implement network segmentation to reduce the attack surface.
  • Enable Security Features: Enable security features such as two-factor authentication and antivirus software to enhance device protection.
  • Monitor for Suspicious Activity: Regularly monitor systems for suspicious activity and investigate any anomalies promptly.

Additional Information:

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
Apple Multiple Products Memory Corruption Vulnerability | https://www.cisa.gov/search?g=CVE-2024-23225 | 2024-03-06
Apple iOS and iPadOS Memory Corruption Vulnerability | https://www.cisa.gov/search?g=CVE-2024-23225 | 2024-03-06

News

Advanced threat predictions for 2025
Igor Kuznetsov, Giampaolo Dedola, Georgy Kucherin, Maher Yamout, Vasily Berdnikov, Isabel Manjarrez, Ilya Savelyev, Joao Godinho2024-12-02
Advanced threat predictions for 2025 | Kaspersky's Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025. We at Kaspersky’s Global Research and Analysis Team monitor over 900 APT (advanced persistent threat) groups and
securelist.com
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews | Description: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes in our recap. Learn
google.com
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes in our recap. Learn about the latest tactics harming your devices. These key things will help you to stay updated on cybersecurity issues
google.com
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws - The Hacker News
2024-03-06
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws - The Hacker News | News Content: Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory corruption issue in the RTKit real-time operating system (RTOS) that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel
google.com
Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks - CybersecurityNews | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes in our recap. Learn about the latest tactics harming your devices. These key things will help you to stay updated on cybersecurity issues for timely fixes and
cve-2023-36049
cve-2024-1299
cve-2024-23296
cve-2024-0199
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) - Help Net Security
2024-03-06
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) - Help Net Security | News Content: Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple released security updates for all three supported branches of iOS and iPadOS. iOS and iPadOS 17.4 carry fixes for four vulnerabilities: Two affecting the privacy of users (allowing an app to read sensitive location information and making users’ locked tabs visible) CVE-2024-23225, a memory corruption issue in the OSes
google.com
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews | URL: https://cybersecuritynews.com/cyber-security-news-weekly-round-up/ | Description: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes
google.com

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
Type | Vendor | Product
OS | Apple | iphone_os
OS | Apple | ipad_os
OS | Apple | watchos
OS | Apple | tvos
OS | Apple | macos
OS | Apple | visionos
OS | Apple | ipados

References

Reference | Link
[email protected] | https://support.apple.com/en-us/HT214081
[email protected] | https://support.apple.com/en-us/HT214082
[email protected] | https://support.apple.com/kb/HT214083
[email protected] | https://support.apple.com/kb/HT214084
[email protected] | https://support.apple.com/kb/HT214085
[email protected] | https://support.apple.com/kb/HT214086
[email protected] | https://support.apple.com/kb/HT214087
[email protected] | https://support.apple.com/kb/HT214088
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/18
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/19
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/21
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/22
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/23
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/24
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/25
[email protected] | http://seclists.org/fulldisclosure/2024/Mar/26
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/18
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/19
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/21
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/22
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/23
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/24
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/25
AF854A3A-2127-422B-91AE-364DA2661108 | http://seclists.org/fulldisclosure/2024/Mar/26
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/en-us/HT214081
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/en-us/HT214082
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214083
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214084
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214085
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214086
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214087
AF854A3A-2127-422B-91AE-364DA2661108 | https://support.apple.com/kb/HT214088

CWE Details

CWE ID | CWE Name | Description
CWE-787 | Out-of-bounds Write | The software writes data past the end, or before the beginning, of the intended buffer.
