PT-2023-5723 · Apple · XNU Kernel +2

Published: 2023-09-14 · Updated: 2025-11-09 · CVE-2023-42824

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

iOS versions prior to 16.6
iOS versions prior to 16.7.1
iPadOS versions prior to 16.6
iPadOS versions prior to 16.7.1

iOS 17.0.3 and iPadOS 17.0.3 are mentioned as fixed versions, implying that versions prior to these are vulnerable.

Description

The issue is a local privilege escalation vulnerability in the XNU kernel of iOS and iPadOS: a local attacker may be able to elevate their privileges. This vulnerability has been actively exploited in the wild. Apple has addressed the issue with improved checks.

Recommendations

For iOS versions prior to 16.6: Update to iOS 16.6 or later to fix the issue.
For iOS versions prior to 16.7.1: Update to iOS 16.7.1 or later to fix the issue.
For iPadOS versions prior to 16.6: Update to iPadOS 16.6 or later to fix the issue.
For iPadOS versions prior to 16.7.1: Update to iPadOS 16.7.1 or later to fix the issue.
For versions prior to iOS 17.0.3 and iPadOS 17.0.3: Update to iOS 17.0.3 or iPadOS 17.0.3 or later to fix the issue.

As a temporary workaround, consider restricting access to sensitive features and data on the device until the update can be applied.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-06393
CVE-2023-42824

Affected Products

XNU Kernel
iOS
iPadOS