Maidar Secure Advisory: 0-day Exploit Chain for iPhones (CVE-2023-41991, CVE-2023-41992, CVE-2023-41993)

Google’s Threat Analysis Group (TAG), in partnership with The Citizen Lab, discovered an in-the-wild 0-day exploit chain for iPhones. Developed by the commercial surveillance vendor Intellexa, this exploit chain is used to covertly install its Predator spyware on a device.

Vulnerabilities Discussed

  • CVE-2023-41991
  • CVE-2023-41992
  • CVE-2023-41993

Table of Contents

  • Details of the Vulnerabilities
  • Countermeasures
  • Conclusion
  • References

Details of the Vulnerabilities

The vulnerabilities CVE-2023-41991, CVE-2023-41992 and CVE-2023-41993 have been assigned CVSS base scores of 5.5 (Medium), 7.8 (High) and 9.8 (Critical), respectively. Chained together they present substantial risk: initial remote code execution (RCE) in Safari, a PAC (pointer authentication) bypass, and local privilege escalation (LPE) in the XNU kernel.

The Intellexa exploit chain was delivered via a man-in-the-middle (MITM) attack, in which the attacker sits between the target and the website they are trying to reach. If the target is browsing to a website over plain HTTP, the attacker can intercept the traffic and send fake data back to the target to redirect them to a different website.

Countermeasures

Apple patched the bugs in iOS 16.7 and iOS 17.0.
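A fleet-triage helper for the patch guidance above, written as an added example (not Maidar’s or Apple’s code): it parses iOS version strings from a constructed device inventory and flags devices still below the fixed builds, iOS 16.7 on the 16 branch and iOS 17.0 on the 17 branch. The inventory records are constructed, and treating majors older than 16 as “not covered by this advisory” is an assumption.

```python
from __future__ import annotations
from typing import NamedTuple

# Minimum iOS versions carrying Apple's fix for CVE-2023-41991/41992/41993,
# keyed by major release branch (from the advisory: iOS 16.7 and iOS 17.0).
PATCHED_MINIMUM = {16: (16, 7, 0), 17: (17, 0, 0)}


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn 'major.minor[.patch]' into a comparable tuple, e.g. '16.6.1' -> (16, 6, 1)."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised iOS version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def patch_status(version_text: str) -> str:
    """Classify one device as 'patched', 'vulnerable' or 'not_covered'."""
    version = parse_version(version_text)
    minimum = PATCHED_MINIMUM.get(version[0])
    if minimum is None:
        # Majors newer than 17 ship with the fix; older majors are outside the
        # advisory's guidance (assumption: report them as not covered here).
        return "patched" if version[0] > 17 else "not_covered"
    return "patched" if version >= minimum else "vulnerable"


class Device(NamedTuple):
    name: str
    ios_version: str


def triage(inventory: list[Device]) -> dict[str, list[str]]:
    """Group device names by patch status so the vulnerable set can be actioned first."""
    groups: dict[str, list[str]] = {"vulnerable": [], "patched": [], "not_covered": []}
    for device in inventory:
        groups[patch_status(device.ios_version)].append(device.name)
    return groups


# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    Device("exec-phone-01", "16.6.1"),    # below 16.7 -> vulnerable
    Device("exec-phone-02", "16.7"),      # exactly the fixed build -> patched
    Device("sales-phone-07", "17.0"),     # fixed build on the 17 branch -> patched
    Device("legacy-phone-03", "15.7.9"),  # older major, not addressed by this advisory
]

if __name__ == "__main__":
    for status, names in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(names) or '-'}")
```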

Conclusion

By updating iOS to the latest version, users can minimize their exposure to this threat; we encourage all iOS users to install the updates as soon as possible.

References

Contact Us

If you have any questions or require further information on any other cybersecurity matters, please don’t hesitate to contact our dedicated team at [email protected].

If you want to see more about the SOC service we offer, please follow this link https://maidar.io.

To ask a question, go to our support portal, Maidar Secure SOC Customer Support.

Or Opt-In to our Threat Advisory Services here.
