InfoSecBulletin Cybersecurity for mankind
A PoC code has been released for the a serious vulnerability, CVE-2023-41974, on iOS and macOS. This vulnerability can be used to gain full control of a mobile device by exploiting a critical issue in the kernel, giving an application access to run any code with kernel privileges.
This discovery is based on Félix Poulin-Bélanger’s research, which uncovered a way to combine multiple flaws in the kernel. Poulin-Bélanger demonstrated these vulnerabilities and publicly shared the technical details of how he found and exploited the vulnerability.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Poulin-Bélanger received $70,000 from the Apple Security Bounty program for his groundbreaking work. This encourages researchers worldwide to explore cybersecurity further.
The exploit was tested on the latest Apple devices like the iPhone 14 Pro Max and the MacBook Air M2 2022, showing how far-reaching and impactful this vulnerability is. The Proof-of-Concept (PoC) exploit demonstrates the CVE-2023-41974 flaw, giving a practical insight into this security breach.
Poulin-Bélanger has created a GitHub repository called kfd (kernel file descriptor) where he has shared his extensive research on the kernel memory of Apple devices. The kfd project aims to read and write kernel memory. on Apple devices.
It uses different vulnerabilities, specifically the exploitation of dangling PTEs (Page Table Entries), which are called PUAF (physical use-after-free) primitive. This new method reallocates certain kernel objects within these physical pages and directly manipulates them from user space through the dangling PTEs to achieve a KRKW (kernel read/write) primitive. The project is contained in the libkfd library and includes executable wrappers for both iOS and macOS.
