CVE-2023-38424 – This vulnerability allows a malicious app to ex... (How to Fix)

Q: What is the severity of CVE-2023-38424?

CVE-2023-38424 has a CVSS score of 7.8 (HIGH). This vulnerability allows a malicious app to execute arbitrary code with kernel privileges on affected Apple devices. It affects iOS, iPadOS, and macOS systems before specific patched versions. Successful exploitation could lead to complete system compromise.

📋 TL;DR

This vulnerability allows a malicious app to execute arbitrary code with kernel privileges on affected Apple devices. It affects iOS, iPadOS, and macOS systems before specific patched versions. Successful exploitation could lead to complete system compromise.

💻 Affected Systems

Products:

iOS
iPadOS
macOS

Versions: Versions before iOS 16.6, iPadOS 16.6, and macOS Ventura 13.5

Operating Systems: iOS, iPadOS, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running affected versions are vulnerable by default. Requires malicious app installation.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover with kernel-level access, allowing installation of persistent malware, data theft, and bypassing all security controls.

🟠

Likely Case

Malicious app gains full system control, potentially stealing sensitive data, installing backdoors, or disabling security features.

🟢

If Mitigated

Limited impact if devices are properly segmented and app installation is restricted to trusted sources only.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires user to install a malicious app. No public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 16.6, iPadOS 16.6, macOS Ventura 13.5

Vendor Advisory: https://support.apple.com/en-us/HT213841

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update. 2. Download and install the available update. 3. Restart the device when prompted.

🔧 Temporary Workarounds

Restrict App Installation

all

Only allow installation of apps from trusted sources like the App Store

For iOS/iPadOS: Settings > Screen Time > Content & Privacy Restrictions > iTunes & App Store Purchases > Installing Apps > Don't Allow

🧯 If You Can't Patch

Isolate affected devices from critical networks and sensitive data
Implement strict application allowlisting and monitor for unauthorized app installations

🔍 How to Verify

Check if Vulnerable:

Check device version in Settings > General > About > Software Version

Check Version:

For macOS: sw_vers -productVersion

Verify Fix Applied:

Verify version is iOS 16.6+, iPadOS 16.6+, or macOS Ventura 13.5+

📡 Detection & Monitoring

Log Indicators:

Unexpected kernel extensions loading
Unusual app installation events
System integrity protection (SIP) violations

Network Indicators:

Unusual outbound connections from system processes
Suspicious network traffic patterns

SIEM Query:

source="apple_system_logs" AND (event="kernel_extension_load" OR event="app_install") AND status="unauthorized"

📊 Metadata

CVE ID: CVE-2023-38424

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Published: July 27, 2023

Last Updated: November 21, 2024

🔗 References

https://support.apple.com/en-us/HT213841 Vendor Advisory
https://support.apple.com/en-us/HT213843 Vendor Advisory
https://support.apple.com/en-us/HT213841 Vendor Advisory
https://support.apple.com/en-us/HT213843 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON