Known Exploited Apple iOS and iPad Zeroday Vulnerabilities - 20240307001¶
Overview¶
The WA SOC has been made aware of two new zerodays affecting Apple iOS and iPad. CISA has reported these vulnerabilities as known exploited.
What is vulnerable?¶
As of publishing this advisory, CVSS scores have not been published.
| Product(s) Affected | CVE | Severity | CVSS | Exploit exists | Dated |
|---|---|---|---|---|---|
| **versions before iOS 17.4, iPadOS 17.4 |
CVE-2024-23225 | TDB | 7.8 | Yes (Zero Day) | 7 Mar, 2024 |
| CVE-2024-23296 | 7.8 | TBD | Yes (Zero Day) | 7 Mar, 2024 |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month (refer Patch Management):
Additional References¶
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082