Apple released a Rapid Security Response (RSR) late last week to cover a vulnerability affecting all iPhones and iPads. The vulnerability is tracked as CVE-2023-37450 and is fixed in 16.5.1 (c) or later. It is a remote code execution vulnerability in WebKit, the engine behind Apple's cross-platform web browser, i.e. the engine that powers Safari and third-party web browsers on iOS. Apple has reported that it is aware of the vulnerability being exploited in the wild. The vulnerability is also covered by CISA guidelines requiring federal agencies to fix it by August 03, 2023.
It is unclear whether Apple will release a patch for CVE-2023-37450 for older iPhone models, as iOS 15.7.8 does not cover CVE-2023-37450.
While limited information has been made available about the vulnerability, the fact that remote code execution is being exploited in the wild makes it critical enough to patch promptly. We strongly recommend that iPhone and iPad users keep their devices on automatic updates for RSRs so that these security fixes are applied as soon as they are released.
It is likely that the vulnerability is triggered by processing maliciously crafted web content, giving the attacker elevated privileges on the device. While we currently do not have a way to mark devices out of compliance based on RSR versions, our multifaceted approach protects mobile users from malicious phishing campaigns built to exploit these vulnerabilities. Lookout will also detect if an attacker successfully compromises the device at the OS level. We recommend broadcasting the importance of installing the RSR version to ensure that the first line of defense is in place.
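One check the text says is not yet available, marking devices out of compliance by RSR version, can be scripted against an MDM inventory export. The following is an added example and not Lookout's code: it parses iOS version strings with the RSR letter suffix (assumed to be reported as `16.5.1 (c)`, the way Apple shows it in Settings), orders them so that any later base release counts as fixed, and flags 15.x devices separately because the advisory notes that 15.7.8 does not carry the fix. The `assess` and `triage` functions and the sample inventory are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Minimum release carrying the fix for CVE-2023-37450, per the advisory above.
FIXED_VERSION = "16.5.1 (c)"

# Accepts "16.5.1", "16.5.1 (c)" and "16.5.1(c)". That the MDM inventory
# reports the RSR suffix in this form is an assumption of this example.
_VERSION_RE = re.compile(r"^\s*(\d+(?:\.\d+)*)\s*(?:\(([a-z])\))?\s*$")


@dataclass(frozen=True, order=True)
class IOSVersion:
    """Comparable iOS version: numeric part first, then the RSR letter."""
    numeric: tuple   # e.g. (16, 5, 1); "16.6" is padded to (16, 6, 0)
    rsr: int         # 0 = no RSR applied, 1 = (a), 2 = (b), 3 = (c), ...

    @classmethod
    def parse(cls, text):
        m = _VERSION_RE.match(text.lower())
        if not m:
            raise ValueError(f"unrecognised iOS version string: {text!r}")
        parts = tuple(int(p) for p in m.group(1).split("."))
        # Pad to three components so a point release compares sensibly;
        # (0,) * negative is (), so longer strings are left untouched.
        parts = parts + (0,) * (3 - len(parts))
        rsr = ord(m.group(2)) - ord("a") + 1 if m.group(2) else 0
        return cls(parts, rsr)


def assess(version_text, fixed=FIXED_VERSION):
    """Classify one device against the fixed version.

    Tuple ordering gives the semantics the advisory describes: any later base
    release (16.6, 17.0) supersedes 16.5.1 (c), while 16.5.1 with no RSR, or
    with (a)/(b), is still exposed. Devices on an older branch (15.x) are
    reported separately because the advisory notes that 15.7.8 does not carry
    the fix and it is unclear whether one will ship.
    """
    v = IOSVersion.parse(version_text)
    f = IOSVersion.parse(fixed)
    if v >= f:
        return "patched"
    if v.numeric[0] >= f.numeric[0]:
        return f"vulnerable: update to {fixed} or later"
    return "vulnerable: no fix published for this release branch"


def triage(inventory):
    """Map device id -> status for (device_id, os_version) records."""
    return {device_id: assess(os_version) for device_id, os_version in inventory}


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    sample = [
        ("ipad-001", "16.5.1 (c)"),
        ("iphone-002", "16.5.1"),
        ("iphone-003", "16.5.1 (a)"),
        ("iphone-004", "16.6"),
        ("iphone-005", "15.7.8"),
    ]
    for device_id, status in triage(sample).items():
        print(f"{device_id:12s} {status}")
```

Feeding the script an export of (device id, OS version) pairs from the MDM gives a per-device list that can drive the broadcast recommended above; the 15.x bucket is the one that needs a separate conversation, since no update resolves it at the time of writing.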