iOS
Threat Guidances
Vulnerability
July 27, 2023

iOS 16.5.1

Vector image of an iphone with a colored screensaver.

Overview

Apple released Rapid Security Response (RSR) late last week to cover for a vulnerability which is affecting all iPhones and iPads. This vulnerability is tracked as CVE-2023-37450 and is fixed by 16.5.1(c) or later. This is a remote code execution type vulnerability in Webkit, which is the basis of Apple’s cross platform web browser, i.e. the engine that powers Safari and other third party web browsers for iOS. Apple has reported that they are aware of the vulnerability being exploited in the wild. The vulnerability also is part of CISA guidelines for federal agencies to fix by August 03, 2023.

It is unclear whether Apple will release a patch for CVE-2023-37450 for older iPhone models as version 15.7.8 doesn’t cover CVE-2023-37450.

Lookout Analysis

While limited information has been made available for the vulnerability, the remote code execution capability being exploited in the wild makes it critical enough to be patched. We strongly recommend that the iPhone and iPad users keep their devices on auto update for RSR so that these security fixes can be applied as soon as they are released.

It is likely that the vulnerability can be executed by processing malcrafted web pages providing them higher privileges. While we currently do not have a way to mark devices out of compliance for the RSR versions, our multifaceted approach protects mobile users from malicious phishing campaigns that are built to exploit these vulnerabilities. Lookout will also detect if an attacker is successfully able to compromise the device at the OS level. We recommend broadcasting the importance of installing the RSR version to ensure that the primary level of defense is put up.

Authors

Lookout

Cloud & Endpoint Security

Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

Platform(s) Affected
iOS
Entry Type
Threat Guidances
Threat Type
Vulnerability
Platform(s) Affected
iOS
Threat Guidances
Vulnerability

Related Content

BancaMarStealer

A customizable Malware-as-a-Service banking trojan delivered through any app with messaging capabilities.

Read Threat Article

BadBazaar: iOS and Android Surveillanceware by China’s APT15 Used to Target Tibetans and Uyghurs

Researchers from Lookout have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.

Read Threat Article

CVE-2023-7024

Google recently disclosed a critical vulnerability in Chromium that adversely affects both Google Chrome and Microsoft Edge browsers across desktop and mobile devices.

Read Threat Article
A person with a prosthetic arm working on a computer

Identify and Prevent Threats with Lookout Threat Advisory

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Lookout Threat Advisory offers advanced mobile threat intelligence, leveraging millions of devices in our global network and top security research insights to protect your organization.

Learn More Today
Schedule Demo
HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell