Experts from Kaspersky Lab’s Global Threat Research and Analysis Center have discovered a vulnerability in Apple smartphones that allows attackers to bypass hardware memory protection.
This vulnerability was used by attackers as part of the “Operation Triangulation” espionage campaign, which was previously discovered by Kaspersky Lab specialists.
The vulnerability was assigned CVE-2023-38606 and affected all versions of iOS up to 16.6. CVE-2023-38606 involves an unused hardware feature that was likely intended for testing or debugging by Apple engineers.
To exploit the vulnerability, the attacker first sent the victim a hidden iMessage with a zero-click exploit attached. The attacker was then able to execute code and escalate privileges using CVE-2023-38606.
The attackers used this hardware feature to bypass the hardware security of Apple chips and manipulate protected areas of memory. As a result, they gained full access to the infected device.
“This vulnerability proves that even the most advanced hardware protections are powerless in the face of a sophisticated attacker as long as there are hardware functions that allow them to bypass these protections,” said Boris Larin, lead cyber threat researcher at Kaspersky Lab.
Apple has now fixed this vulnerability.