Apple Addresses Zero-Day Flaws Exploited in the Wild
Apple Addresses Zero-Day Flaws Exploited in the Wild
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
Apple addressed three zero-day vulnerabilities used in an iPhone exploit chain to deliver the Predator spyware. The vulnerabilities involved were CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993. These vulnerabilities enabled attackers to bypass certificate validation, escalate privileges, and execute remote code on the targeted devices by using specially crafted web content.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.