Simon ZerafaAnyone else remember CVE-2023-38606?
"Kaspersky finds hardware backdoor in 5 generations of Apple silicon"
How did it get there and why? 🤔🤷♂️
🛡 
Multiple vulnerabilities identified in Apple Products pose an Extremely High Risk. Two vulnerabilities, CVE-2023-38606 and CVE-2023-37450, are actively being exploited. Stay safe and update your devices!
Technical Summary of Apple Products Multiple Vulnerabilities
A technical summary of multiple vulnerabilities identified in Apple Products. The information is based on a security bulletin published by HKCERT.
Risk Level
The risk level of these vulnerabilities is classified as Extremely High Risk.
Vulnerability Types
The vulnerabilities are related to the following types:
Denial of service condition
Elevation of privilege
Remote code execution
Sensitive information disclosure
Data manipulation
Security restriction bypass
Exploited Vulnerabilities
Two vulnerabilities, CVE-2023-38606 and CVE-2023-37450, are currently being exploited in the wild. These vulnerabilities are related to the Kernel and WebKit components that may lead to arbitrary code execution.
CVE-2023-38606: An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.
CVE-2023-37450: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Source: [HKCERT Security Bulletin](https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20230725)
#AppleSecurity #CyberSecurity #Vulnerabilities #HighRisk #CVE202338606 #CVE202337450
