Unrated severity · NVD Advisory · Published Jun 23, 2023 · Updated Dec 5, 2024

CVE-2023-32413

Description

A race condition in Apple operating systems allows an app to gain root privileges; fixed in multiple OS versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

CVE-2023-32413 is a race condition affecting Apple's operating systems. The vulnerability exists in the kernel or system components and can be exploited by a malicious app to escalate privileges to root. The race condition was addressed with improved state handling. Affected versions include watchOS prior to 9.5, tvOS prior to 16.5, macOS Ventura prior to 13.4, iOS and iPadOS prior to 16.5 and 15.7.6, macOS Big Sur prior to 11.7.7, and macOS Monterey prior to 12.6.6 [1][2][3][4].

Exploitation

An attacker requires the ability to run a malicious app on the device. No additional privileges are needed initially; the app can exploit the race condition by triggering a specific sequence of operations that leads to a time-of-check to time-of-use (TOCTOU) issue. The race condition likely involves access to shared resources, allowing the app to modify state after validation but before use. The exact exploitation steps are not publicly disclosed per Apple's security policy.

Impact

Successful exploitation allows a malicious app to gain root privileges on the affected device. This grants full control over the system, enabling the attacker to install software, modify system files, access sensitive data, and perform actions at the highest privilege level. The impact is complete compromise of confidentiality, integrity, and availability.

Mitigation

Apple released fixes on May 18, 2023. Users should update to the following versions: iOS 16.5, iPadOS 16.5, iOS 15.7.6, iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, macOS Big Sur 11.7.7, tvOS 16.5, and watchOS 9.5 [1][2][3][4]. There are no known workarounds; applying the updates is the only mitigation.
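
As an added example (not part of the advisory and not Apple tooling), the following Python triages a device inventory against the fixed releases listed above, comparing each device within its own major-version branch. The inventory records, hostnames and status labels are constructed for illustration; it assumes major releases newer than the newest listed fix include it, and it flags branches with no listed fix for a move to a listed release.

```python
# Added example: triage devices against the fixed releases in the Mitigation section.
FIXED = {  # fixed releases per OS, copied from the advisory text
    "ios": ["15.7.6", "16.5"],
    "ipados": ["15.7.6", "16.5"],
    "macos": ["11.7.7", "12.6.6", "13.4"],
    "tvos": ["16.5"],
    "watchos": ["9.5"],
}

def parse_version(text):
    """'16.5' -> (16, 5, 0); padded so 16.5 and 16.5.0 compare equal."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * (3 - len(parts))

def triage(os_name, version):
    """Return (status, release_to_install_or_None) for one device."""
    fixed = FIXED.get(os_name.strip().lower())
    if fixed is None:
        return ("os-not-listed", None)
    try:
        have = parse_version(version)
    except ValueError:
        return ("unparseable", None)
    by_major = {parse_version(f)[0]: f for f in fixed}
    if have[0] in by_major:  # branch has its own fix: compare within it
        target = by_major[have[0]]
        return ("patched", None) if have >= parse_version(target) else ("update", target)
    if have[0] > max(by_major):
        # Assumption: majors released after the newest listed fix include it.
        return ("patched", None)
    # Branch has no fixed release listed on the page: move to a listed one.
    return ("no-fix-on-branch", max(fixed, key=parse_version))

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("mac-build-01", "macOS", "13.3.1"),
    ("mac-lab-07", "macOS", "12.6.6"),
    ("iphone-0042", "iOS", "15.7.5"),
    ("ipad-0007", "iPadOS", "14.8"),
]

def needs_action(inventory):
    """Devices that are not confirmed patched, with the triage result."""
    results = [(host, *triage(os_name, ver)) for host, os_name, ver in inventory]
    return [r for r in results if r[1] != "patched"]

if __name__ == "__main__":
    print(needs_action(INVENTORY))
```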

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 11

Patches: 0

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE. The mechanics section is only generated when we can read the actual fix diff; without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 7

News mentions: 0

No linked articles in our index yet.