VDB
WID-SEC-W-2024-0178
WID-SEC-W-2024-0178
PUBLISHED
Das Apple iOS (vormals iPhone OS) ist das Betriebssystem für das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch. Das Apple iPadOS ist das Betriebssystem für das von Apple entwickelte iPad.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple iOS <16.7.5 | ||
| Apple iOS <17.3 | ||
| Apple iPadOS <16.7.5 | ||
| Apple iPadOS <17.3 |
Exploit Intelligence
- CVE-2024-23222 WebKit type confusion → iOS 16.4.1 sandbox escape. Full chain: JSC JIT confusion → addrof/read64/write64 → WASM indirect call → arbitrary C functions → file write outside sandbox. (github-poc-repo)
- CVE-2024-23222 WebKit type confusion → iOS 16.4.1 sandbox escape. Full chain: JSC JIT confusion → addrof/read64/write64 → WASM indirect call → arbitrary C functions → file write outside sandbox. (github-poc)
- This script is designed to exploit a heap buffer overflow vulnerability in a socks5 proxy server. (github-poc-repo)
- Yang-Shun-Yu/CVE-2023-38545 (github-poc-repo)
- For all vicarius.io/vsoviety analysis (github-poc-repo)
- Network Security Project CVE-2023-38545 (github-poc-repo)
- Comprehensive deobfuscated research of the Coruna iOS exploit kit targeting CVE-2024-23222. Analysis of WebKit Type Confusion, PAC Bypass, and Sandbox Escape (github-poc-repo)
- Adaptation of Cassowary CVE-2024-23222 for Linux x86_64 (github-poc-repo)
- Analyze and deobfuscate the Coruna Exploit Kit (CVE-2024-23222) to enhance understanding and detection of related threats. (github-poc-repo)
- Analyze and deobfuscate the Coruna Exploit Kit (CVE-2024-23222) to enhance understanding and detection of related threats. (github-poc)
…and 40 more exploits
Timeline
- Jan 22, 2024 CVE Published
- May 9, 2024 CVE Updated