Apple OS Kernel State Modification Vulnerability (pre-12.6.8,15.7.1)
CVE-2023-38606 Published on July 27, 2023

This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

NVD

Known Exploited Vulnerability

This Apple Multiple Products Kernel Unspecified Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify sensitive kernel state.

The following remediation steps are recommended / required by August 16, 2023: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2023-38606 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
HIGH
Availability Impact:
NONE

Products Associated with CVE-2023-38606

Want to know whenever a new CVE is published for Apple products? stack.watch will email you.

Apple iPadOS
 
Apple iOS
 
Apple macOS
 
Apple watchOS
 
Apple tvOS
 

Affected Versions

Apple tvOS: Apple iOS and iPadOS: Apple macOS: Apple iOS and iPadOS: Apple macOS: Apple macOS: Apple watchOS:

Exploit Probability

EPSS
0.10%
Percentile
26.97%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.