CVE-2023-32437

8.6 HIGH

📋 TL;DR

This vulnerability allows malicious iOS/iPadOS apps to escape their security sandbox, potentially accessing system resources or other app data they shouldn't. It affects iOS and iPadOS devices running versions before 16.6. Users who haven't updated their Apple mobile devices are at risk.

💻 Affected Systems

Products:
  • iPhone
  • iPad
Versions: iOS and iPadOS versions before 16.6
Operating Systems: iOS, iPadOS
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected iOS/iPadOS versions are vulnerable by default. Requires app installation to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A malicious app could gain full system access, steal sensitive data from other apps, install persistent malware, or compromise device integrity.

🟠 Likely Case

Malicious apps could access data from other applications, potentially stealing credentials, financial information, or personal communications.

🟢 If Mitigated

With proper app vetting through the App Store and user caution about app sources, risk is significantly reduced even before patching.

🌐 Internet-Facing: LOW - This requires local app execution, not direct internet exposure.
🏢 Internal Only: MEDIUM - Risk exists if users install untrusted apps on corporate devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed on the device. Apple's security updates suggest this was discovered internally or through responsible disclosure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 16.6 and iPadOS 16.6

Vendor Advisory: https://support.apple.com/en-us/HT213841

Restart Required: Yes

Instructions:

1. Open Settings app.
2. Tap General.
3. Tap Software Update.
4. Download and install iOS 16.6 or later.
5. Device will restart automatically.

🔧 Temporary Workarounds

Restrict App Installation Sources

Only allow app installation from the official App Store to reduce risk of malicious apps

Settings > Screen Time > Content & Privacy Restrictions > iTunes & App Store Purchases > Installing Apps > Don't Allow

🧯 If You Can't Patch

  • Implement Mobile Device Management (MDM) to restrict app installations to approved sources only
  • Educate users about risks of sideloading apps or using untrusted app sources

🔍 How to Verify

Check if Vulnerable:

Check iOS/iPadOS version in Settings > General > About > Version. If version is earlier than 16.6, device is vulnerable.

Check Version:

Not applicable - check via device Settings interface

Verify Fix Applied:

After update, verify version shows 16.6 or higher in Settings > General > About > Version.

📡 Detection & Monitoring

Log Indicators:

  • Unusual app behavior logs
  • Sandbox violation logs in system diagnostics

Network Indicators:

  • Unusual network traffic from apps accessing unexpected domains

SIEM Query:

Not typically applicable for mobile device sandbox escapes
