AI description
CVE-2023-32434 is an integer overflow vulnerability residing in the Mach virtual memory layer of the XNU kernel, the kernel used in Apple's iOS, iPadOS, macOS, and watchOS operating systems. This flaw allows an application to execute arbitrary code with kernel privileges. It was patched in iOS 16.5.1, macOS 13.4.1, and corresponding versions of the other affected operating systems. This vulnerability was reportedly exploited as part of the "Operation Triangulation" spyware campaign, discovered when security researchers at Kaspersky were targeted. The exploit chain involved a WebKit bug, the kernel bug (CVE-2023-32434), a userspace PAC bypass, and a PPL bypass. This vulnerability affects devices running versions of iOS released before iOS 15.7, as well as macOS Big Sur 11.7.8, macOS Monterey 12.6.7, watchOS 8.8.1 and 9.5.2. Apple addressed the vulnerability with improved input validation. While the vulnerability has been patched, it highlights the importance of keeping devices updated to protect against potential exploits. The discovery and subsequent patching of this vulnerability underscore the ongoing efforts in cybersecurity to identify and mitigate threats, especially those actively exploited in the wild.
- Description
- An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Apple Multiple Products Integer Overflow Vulnerability
- Exploit added on
- Jun 23, 2023
- Exploit action due
- Jul 14, 2023
- Required action
- Apply updates per vendor instructions.
- Hype score
- Not currently trending
セキュリティ研究者たちは、Apple iOSデバイスを対象とした新しいカーネルエクスプロイト「Trigon」を発表した。これはXNUカーネルの仮想メモリサブシステムに存在する重大な脆弱性(CVE-2023-32434)を利用している。… https://t.co/mErqW25ysP
@yousukezan
3 Mar 2025
3015 Impressions
4 Retweets
35 Likes
12 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Trigon iOS Kernel Exploit 📅 Timeline: Disclosure: 2023-06-23, Patch: 2023-06-23 🆔cveId: CVE-2023-32434 📊baseScore: 7.8 📏cvssMetrics: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 🛠️exploitMaturity: Actively Exploited… https://t.co/dWE
@syedaquib77
3 Mar 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alfie CG publishes write-up on Trigon, a deterministic kernel exploit based on CVE-2023-32434 that can’t fail https://t.co/aJl47p9otZ
@iDownloadBlog
2 Mar 2025
1766 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Execing the CVE-2023-32434 using a deterministic exploit strategy (100% success rate)! ARM64e is certainly not as easy, but for now all of #arm64 should be doable with this strategy. https://t.co/ZpFv6AFQuo
@byt3n33dl3
23 Jan 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Full kernel read/write with CVE-2023-32434 using a deterministic exploit strategy (100% success rate)! arm64e is certainly not as easy, but for now all of arm64 should be doable with this strategy. Shoutout to @staturnzdev and @imnotclarity for lots of help and ideas. https://t.c
@alfiecg_dev
22 Jan 2025
25640 Impressions
60 Retweets
435 Likes
94 Bookmarks
14 Replies
2 Quotes
Top 5 Trending CVEs: 1 - CVE-2023-32434 2 - CVE-2024-49113 3 - CVE-2024-43405 4 - CVE-2024-10957 5 - CVE-2024-30078 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
6 Jan 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-32434 is much more powerful than just a PUAF - it can also be used as a physical mapping primitive. This allows for a deterministic exploit that doesn’t use any memory corruption. I don’t have a complete exploit yet, but so far it’s been a fun project! https://t.co/hhvej
@alfiecg_dev
5 Jan 2025
27201 Impressions
26 Retweets
266 Likes
58 Bookmarks
7 Replies
2 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8FAA574-E1B0-4BB4-934A-7B9D7D4363B0",
"versionEndExcluding": "15.7.7"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9696FA8-BED8-44C1-8F9F-70D7B61E861D",
"versionEndExcluding": "16.5.1",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B94C7DA5-DA67-4FFB-AB79-62CE457357D1",
"versionEndExcluding": "15.7.7"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "264BAADE-3DE3-4698-B182-15802C36FB19",
"versionEndExcluding": "16.5.1",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6FCD0AD-BB08-44D1-9E14-24C4D940B760",
"versionEndExcluding": "11.7.8",
"versionStartIncluding": "11.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "969D98EE-69B3-4F88-8170-4FBBABFEEB15",
"versionEndExcluding": "12.6.7",
"versionStartIncluding": "12.0.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3405331D-E4E6-4362-91C7-0F50DA398938",
"versionEndExcluding": "13.4.1",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "757EE36B-8601-4676-B3C8-5A58D5BBF611",
"versionEndExcluding": "8.8.1"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8B4BDE3-1FAB-4716-AEDF-DC20E0A74B04",
"versionEndExcluding": "9.5.2",
"versionStartIncluding": "9.0"
}
],
"operator": "OR"
}
]
}
]