Apple fixes vulnerabilities in iOS and iPadOS.

Published: 2023-10-04
Last Updated: 2023-10-04 19:53:02 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Apple today released iOS/iPadOS 17.0.3. These updates fix two vulnerabilities. A WebRTC vulnerability that could be used to execute arbitrary code, establishing initial access to the device, and a Kernel vulnerability used to elevate privileges. The privilege escalation vulnerability has been exploited against older versions of iOS. See Apple's page about these vulnerabilities:


iOS 17.0.3 and iPadOS 17.0.3
CVE-2023-42824 [critical] *** EXPLOITED *** Kernel
The issue was addressed with improved checks.
A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
CVE-2023-5217 [critical] WebRTC

A buffer overflow may result in arbitrary code execution


Johannes B. Ullrich, Ph.D. , Dean of Research,

0 comment(s)


Diary Archives