InfoSecBulletin Cybersecurity for mankind
Apple released security updates on Wednesday to fix a new vulnerability in iOS and iPadOS. This vulnerability is being actively exploited by attackers.
According to Aplle support page, the company traced two CVE as CVE-2023-42824 and CVE-2023-5217 for iOS 17.0.3 and iPadOS 17.0.3.
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
According to Apple,
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
Description: The issue was addressed with improved checks.
CVE-2023-42824
WebRTC
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A buffer overflow may result in arbitrary code execution
Description: The issue was addressed by updating to libvpx 1.13.1.
WebKit Bugzilla: 262365
CVE-2023-5217
For detail visit the page.
ALSO READ:
