July 27, 2023

iOS 16.5.1

Vector image of an iphone with a colored screensaver.

Overview

Apple released Rapid Security Response (RSR) late last week to cover for a vulnerability which is affecting all iPhones and iPads. This vulnerability is tracked as CVE-2023-37450 and is fixed by 16.5.1(c) or later. This is a remote code execution type vulnerability in Webkit, which is the basis of Apple’s cross platform web browser, i.e. the engine that powers Safari and other third party web browsers for iOS. Apple has reported that they are aware of the vulnerability being exploited in the wild. The vulnerability also is part of CISA guidelines for federal agencies to fix by August 03, 2023.

It is unclear whether Apple will release a patch for CVE-2023-37450 for older iPhone models as version 15.7.8 doesn’t cover CVE-2023-37450.

Lookout Analysis

While limited information has been made available for the vulnerability, the remote code execution capability being exploited in the wild makes it critical enough to be patched. We strongly recommend that the iPhone and iPad users keep their devices on auto update for RSR so that these security fixes can be applied as soon as they are released.

It is likely that the vulnerability can be executed by processing malcrafted web pages providing them higher privileges. While we currently do not have a way to mark devices out of compliance for the RSR versions, our multifaceted approach protects mobile users from malicious phishing campaigns that are built to exploit these vulnerabilities. Lookout will also detect if an attacker is successfully able to compromise the device at the OS level. We recommend broadcasting the importance of installing the RSR version to ensure that the primary level of defense is put up.

Authors

Lookout

Cloud & Endpoint Security

Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves.

Platform(s) Affected
iOS
Entry Type
Threat Guidances
Threat Type
Vulnerability
Platform(s) Affected
iOS
Threat Guidances
Vulnerability
A person with a prosthetic arm working on a computer

Identify and Prevent Threats with Lookout Threat Advisory

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Lookout Threat Advisory offers advanced mobile threat intelligence, leveraging millions of devices in our global network and top security research insights to protect your organization.

HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell