CVE-2023-42824
Published: 04 October 2023
Summary
CVE-2023-42824 is a high-severity an unspecified weakness vulnerability in Apple Ipados. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 23.0% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2023-42824 is a privilege escalation vulnerability in Apple's mobile operating systems that was addressed through improved checks. It affects iOS and iPadOS versions prior to 16.7.1, with a CVSS score of 7.8 reflecting local attack vector, low complexity, and high impact across confidentiality, integrity, and availability.
A local attacker already present on a device can exploit the flaw to elevate privileges. Apple has stated that the issue may have been actively exploited in the wild against versions of iOS before 16.6.
Apple security updates HT213972 and HT213961, along with the corresponding KB articles, direct users to install iOS 16.7.1 and iPadOS 16.7.1 to remediate the issue. The vulnerability is also listed in CISA's catalog of known exploited vulnerabilities.
Apple's disclosure confirms awareness of active exploitation reports against older iOS releases, underscoring the need for prompt patching on supported devices.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-47245
Vulnerability details
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively…
more
exploited against versions of iOS before iOS 16.6.
- CWE(s)
- KEV Date Added
- 05 October 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces the improved access checks that Apple used to block the local privilege-escalation path in CVE-2023-42824.
Requires timely application of the iOS 16.7.1 / iPadOS 16.7.1 patch that remediates the flaw Apple states is being exploited in the wild.
Limits the privileges a local attacker can obtain even if the flawed check is bypassed, reducing the impact of successful escalation.