CVE-2023-37285 – This CVE describes a critical kernel-level out-... (How to Fix)

Q: What is the severity of CVE-2023-37285?

CVE-2023-37285 has a CVSS score of 9.8 (CRITICAL). This CVE describes a critical kernel-level out-of-bounds read vulnerability in Apple operating systems. An attacker could exploit this to execute arbitrary code with kernel privileges, potentially gaining full control of affected devices. All users running vulnerable versions of iOS, iPadOS, and macOS are affected.

📋 TL;DR

This CVE describes a critical kernel-level out-of-bounds read vulnerability in Apple operating systems. An attacker could exploit this to execute arbitrary code with kernel privileges, potentially gaining full control of affected devices. All users running vulnerable versions of iOS, iPadOS, and macOS are affected.

💻 Affected Systems

Products:

iOS
iPadOS
macOS

Versions: Versions prior to iOS 15.7.8, iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5

Operating Systems: iOS, iPadOS, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All standard configurations are vulnerable; no special configuration required for exploitation.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with kernel-level privileges, allowing attackers to install persistent malware, steal sensitive data, or create backdoors.

🟠

Likely Case

Privilege escalation leading to unauthorized access to system resources and potential data exfiltration.

🟢

If Mitigated

Limited impact if systems are isolated, have strict application controls, and network segmentation prevents lateral movement.

🌐 Internet-Facing: HIGH - Exploitation could occur through malicious apps or web content targeting vulnerable devices.

🏢 Internal Only: MEDIUM - Requires local access or compromised internal applications, but kernel privileges make it dangerous if exploited.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires a malicious app to be installed or executed on the target device, but kernel privileges make this highly dangerous.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 15.7.8, iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5

Vendor Advisory: https://support.apple.com/en-us/HT213842

Restart Required: Yes

Instructions:

1. Open Settings > General > Software Update on iOS/iPadOS or System Preferences > Software Update on macOS. 2. Download and install the latest available update. 3. Restart the device when prompted.

🔧 Temporary Workarounds

Application Control

all

Restrict installation of untrusted applications to reduce attack surface.

🧯 If You Can't Patch

Isolate affected devices from critical networks and internet access.
Implement strict application allowlisting to prevent execution of untrusted code.

🔍 How to Verify

Check if Vulnerable:

Check the operating system version in Settings > General > About on iOS/iPadOS or About This Mac on macOS.

Check Version:

On macOS: sw_vers -productVersion; On iOS/iPadOS: Check in Settings > General > About > Version

Verify Fix Applied:

Verify the installed version matches or exceeds the patched versions listed in the fix information.

📡 Detection & Monitoring

Log Indicators:

Unexpected kernel panics
Unusual process creation with elevated privileges
Failed attempts to access kernel memory

Network Indicators:

Unusual outbound connections from system processes
Suspicious network activity following app installation

SIEM Query:

Process creation events where parent process is unknown or suspicious, followed by privilege escalation attempts.

📊 Metadata

CVE ID: CVE-2023-37285

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-125

Published: July 28, 2023

Last Updated: November 21, 2024

🔗 References

https://support.apple.com/en-us/HT213842 Vendor Advisory
https://support.apple.com/en-us/HT213843 Vendor Advisory
https://support.apple.com/en-us/HT213844 Vendor Advisory
https://support.apple.com/en-us/HT213845 Vendor Advisory
https://support.apple.com/kb/HT213842 Vendor Advisory
https://support.apple.com/kb/HT213843 Vendor Advisory
https://support.apple.com/kb/HT213844 Vendor Advisory
https://support.apple.com/kb/HT213845 Vendor Advisory
https://support.apple.com/en-us/HT213842 Vendor Advisory
https://support.apple.com/en-us/HT213843 Vendor Advisory
https://support.apple.com/en-us/HT213844 Vendor Advisory
https://support.apple.com/en-us/HT213845 Vendor Advisory
https://support.apple.com/kb/HT213842 Vendor Advisory
https://support.apple.com/kb/HT213843 Vendor Advisory
https://support.apple.com/kb/HT213844 Vendor Advisory
https://support.apple.com/kb/HT213845 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-37285, you might also want to check these: