Apple fixes vulnerabilities in iOS and iPadOS., (Wed, Oct 4th)
2023-10-5 03:53:2 Author: isc.sans.edu(查看原文) 阅读量:12 收藏
2023-10-5 03:53:2 Author: isc.sans.edu(查看原文) 阅读量:12 收藏
Apple today released iOS/iPadOS 17.0.3. These updates fix two vulnerabilities. A WebRTC vulnerability that could be used to execute arbitrary code, establishing initial access to the device, and a Kernel vulnerability used to elevate privileges. The privilege escalation vulnerability has been exploited against older versions of iOS. See Apple's page about these vulnerabilities: https://support.apple.com/en-us/HT213961.
| iOS 17.0.3 and iPadOS 17.0.3 |
|---|
| CVE-2023-42824 [critical] *** EXPLOITED *** Kernel The issue was addressed with improved checks. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. |
| x |
| CVE-2023-5217 [critical] WebRTC A buffer overflow may result in arbitrary code execution |
| x |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
文章来源: https://isc.sans.edu/diary/rss/30280
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh