CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-23296

Critical Severity
Apple
SVRS
70/100
CVSSv3
7.8/10
EPSS
0.00091/1

CVE-2024-23296 is a memory corruption vulnerability affecting iOS and iPadOS, potentially allowing attackers to bypass kernel memory protections. Fixed in iOS 17.4 and iPadOS 17.4, this vulnerability could be exploited by an attacker with arbitrary kernel read and write capabilities. Apple has indicated reports suggesting that this vulnerability is being actively exploited in the wild. Given an SVRS of 70, while not critical, this vulnerability still poses a significant risk requiring prompt attention. Successful exploitation could lead to system compromise and unauthorized access to sensitive data. This vulnerability is significant because it allows for kernel memory protection bypass. It is crucial to update affected devices immediately to mitigate this risk.

TAGS
In The Wild
Exploit Avaliable
CISA KEV
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:L
UI:N
S:U
C:H
I:H
A:H
PUBLICATION DATE2024-03-05
LAST MODIFIED2025-02-13
Eye Icon
SOCRadar
AI Insight

Description:

CVE-2024-23296 is a memory corruption vulnerability in iOS and iPadOS that could allow an attacker with arbitrary kernel read and write capability to bypass kernel memory protections. The vulnerability has a CVSS score of 7.8 and a SOCRadar Vulnerability Risk Score (SVRS) of 72, indicating a high level of severity.

Key Insights:

  • Active Exploitation: Active exploits have been published for this vulnerability, indicating that it is being actively exploited by hackers.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, calling for immediate and necessary measures.
  • Threat Actors: Apple is aware of a report that this issue may have been exploited, but specific threat actors or APT groups have not been identified.
  • In the Wild: The vulnerability is actively exploited by hackers, making it a critical threat to devices running affected versions of iOS and iPadOS.

Mitigation Strategies:

  • Update Devices: Install the latest iOS 17.4 or iPadOS 17.4 updates, which patch this vulnerability.
  • Disable Untrusted Apps: Restrict the installation of apps from untrusted sources to prevent potential exploitation.
  • Use Strong Passwords: Implement strong passwords and two-factor authentication to protect against unauthorized access.
  • Monitor Security Alerts: Stay informed about the latest security alerts and advisories to promptly address any emerging threats.

Additional Information:

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
Apple Multiple Products Memory Corruption Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2024-232962024-03-06
Apple iOS and iPadOS Memory Corruption Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2024-232962024-03-06
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-23296 | Apple iOS/iPadOS up to 17.3 Kernel Memory memory corruption (HT214081 / Nessus ID 214269)
vuldb.com2025-01-16
CVE-2024-23296 | Apple iOS/iPadOS up to 17.3 Kernel Memory memory corruption (HT214081 / Nessus ID 214269) | A vulnerability has been found in Apple iOS and iPadOS up to 17.3 and classified as critical. This vulnerability affects unknown code of the component Kernel Memory Handler. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-23296. Local access is required to approach this
vuldb.com
rss
forum
news
Advanced threat predictions for 2025
Igor Kuznetsov, Giampaolo Dedola, Georgy Kucherin, Maher Yamout, Vasily Berdnikov, Isabel Manjarrez, Ilya Savelyev, Joao Godinho2024-12-02
Advanced threat predictions for 2025 | Kaspersky's Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025.We at Kaspersky’s Global Research and Analysis Team monitor over 900 APT (advanced persistent threat) groups and
securelist.com
rss
forum
news
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews | Description: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes in our recap. Learn
google.com
rss
forum
news
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews
2024-03-10
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories - CybersecurityNews | News Content: Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news. Get comprehensive insights into the latest technical details and cutting-edge technologies being employed to safeguard against cyber threats. This will help you stay informed about the latest trends, vulnerabilities, cutting-edge advancements, cyber attacks, threats, and stories. Discover new threats and fixes in our recap. Learn about the latest tactics harming your devices. These key things will help you to stay updated on cybersecurity issues
google.com
rss
forum
news
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws - The Hacker News
2024-03-06
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws - The Hacker News | News Content: Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory corruption issue in the RTKit real-time operating system (RTOS) that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel
google.com
rss
forum
news
Apple Patches Everything. July 2024 Edition, (Tue, Jul 30th)
2024-07-30
Apple Patches Everything. July 2024 Edition, (Tue, Jul 30th) | Yesterday, Apple released patches across all of its operating systems. A standalone patch for Safari was released to address WebKit problems in older macOS versions. Apple does not provide CVSS scores or severity ratings. The ratings below are based on my reading of the impact. However, the information isn&#x27t always sufficient to accurately assign a rating.
Yesterday, Apple released patches across all of its operating systems. A standalone patch for Safari was released to address WebKit problems in older macOS
cve-2024-27847
cve-2024-23296
cve-2024-27830
cve-2024-27821
Multiples vulnérabilités dans les produits Apple (30 juillet 2024)
2024-07-30
Multiples vulnérabilités dans les produits Apple (30 juillet 2024) | De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance. Apple indique que la vulnérabilité CVE-2024-23296 est...
ssi.gouv.fr
rss
forum
news

Social Media

One of the vulnerabilities (CVE-2024-23296), a memory corruption issue in iOS and iPadOS, is reportedly being actively exploited.
0
0
0
Get the latest insights on the CVE-2024-23296 vulnerability in macOS Monterey. Understand the risks associated with this zero-day flaw and learn how to fortify your older Mac models against potential attacks. https://t.co/HMWf1TO8eQ
0
0
0
macOS Monterey Vulnerability: Critical Zero-Day Exploit Exposed https://t.co/nT4UZJPYAb "The vulnerability, tracked as CVE-2024-23296, was previously addressed in March for newer devices but is now confirmed to have been actively exploited in the wild."
0
0
0
CVE-2024-23296 in RTKit for iOS and macOS Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
0
0
4
https://t.co/I6zrWH0h4u Apple also under attack Apple's got several bugs and fixes this month, with the "most notable," according to Childs, being a patch for CVE-2024-23296 for iOS 16.7.8 and iPadOS 16.7.8. It's a memory corruption flaw in RTKit that could be abused to bypass…
0
0
1
Bluetooth Trackers: Fixed by Google & Apple (along with CVE-2024-23296) #google #apple #bluetooth #tracker #cybersecuritynews #breakingnews https://t.co/p8erCkGsyJ
0
0
0
Apple backports iOS zero-day patch, adds Bluetooth tracker alert: Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to distribute a… https://t.co/3c5HZFteIr https://t.co/g6AvAL0DpV
0
0
0
"@Apple .. urgent security-themed #Updates to its flagship mobile & desktop operating systems & warned that #Hackers may have already #Exploited an IOS #Vulnerability in the wild .. special attention to CVE-2024-23296, a memory corruption bug in RTKit .. " https://t.co/gGnSmnPRE9
0
0
0
🚨 CVE Alert: Apple Arbitrary Code Execution Vulnerability Exploited In-The-Wild 🚨 Vulnerability Details: CVE-2024-23296(7.8/10) Apple Arbitrary Code Execution Vulnerability Impact A Successful exploit may allow for arbitrary code execution in the context of the logged on… https://t.co/zMGiaz31mP
0
0
0
TheHackersNews: Also... 🚨 Apple has backported a fix for CVE-2024-23296, a critical security flaw in the RTKit real-time operating system, to older iOS, iPadOS, and macOS versions. The #vulnerability allows attackers to bypass kernel memory protection… https://t.co/mos4lnZQ2v
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
OSAppleiphone_os
OSAppleipad_os
OSApplemacos
OSApplewatchos
OSAppletvos
OSApplevisionos

References

ReferenceLink
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]http://seclists.org/fulldisclosure/2024/May/11
[email protected]http://seclists.org/fulldisclosure/2024/May/13
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]https://support.apple.com/kb/HT214107
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]http://seclists.org/fulldisclosure/2024/May/11
[email protected]http://seclists.org/fulldisclosure/2024/May/13
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]https://support.apple.com/kb/HT214100
[email protected]https://support.apple.com/kb/HT214107
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]http://seclists.org/fulldisclosure/2024/May/11
[email protected]http://seclists.org/fulldisclosure/2024/May/13
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]https://support.apple.com/kb/HT214100
[email protected]https://support.apple.com/kb/HT214107
[email protected]https://support.apple.com/kb/HT214118
[email protected]http://seclists.org/fulldisclosure/2024/Jul/20
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]http://seclists.org/fulldisclosure/2024/May/11
[email protected]http://seclists.org/fulldisclosure/2024/May/13
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]https://support.apple.com/kb/HT214100
[email protected]https://support.apple.com/kb/HT214107
[email protected]https://support.apple.com/kb/HT214118
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Jul/20
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Mar/18
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Mar/21
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Mar/24
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Mar/25
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/Mar/26
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/May/11
AF854A3A-2127-422B-91AE-364DA2661108http://seclists.org/fulldisclosure/2024/May/13
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/en-us/HT214081
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214084
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214086
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214087
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214088
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214100
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214107
AF854A3A-2127-422B-91AE-364DA2661108https://support.apple.com/kb/HT214118
[email protected]http://seclists.org/fulldisclosure/2024/Jul/20
[email protected]http://seclists.org/fulldisclosure/2024/Mar/18
[email protected]http://seclists.org/fulldisclosure/2024/Mar/21
[email protected]http://seclists.org/fulldisclosure/2024/Mar/24
[email protected]http://seclists.org/fulldisclosure/2024/Mar/25
[email protected]http://seclists.org/fulldisclosure/2024/Mar/26
[email protected]http://seclists.org/fulldisclosure/2024/May/11
[email protected]http://seclists.org/fulldisclosure/2024/May/13
[email protected]https://support.apple.com/en-us/HT214081
[email protected]https://support.apple.com/kb/HT214084
[email protected]https://support.apple.com/kb/HT214086
[email protected]https://support.apple.com/kb/HT214087
[email protected]https://support.apple.com/kb/HT214088
[email protected]https://support.apple.com/kb/HT214100
[email protected]https://support.apple.com/kb/HT214107
[email protected]https://support.apple.com/kb/HT214118

CWE Details

CWE IDCWE NameDescription
CWE-787Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence