About the security content of iOS 16.7 and iPadOS 16.7
This document describes the security content of iOS 16.7 and iPadOS 16.7.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
iOS 16.7 and iPadOS 16.7
Released September 21, 2023
App Store
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A remote attacker may be able to break out of Web Content sandbox
Description: The issue was addressed with improved handling of protocols.
CVE-2023-40448: w0wbox
Entry added September 26, 2023
Ask to Buy
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access protected user data
Description: The issue was addressed with improved checks.
CVE-2023-38612: Chris Ross (Zoom)
Entry added December 22, 2023
Biometric Authentication
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2023-41232: Liang Wei of PixiePoint Security
Entry added September 26, 2023
CoreAnimation
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic
Entry added September 26, 2023
Core Image
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access edited photos saved to a temporary directory
Description: An issue was addressed with improved handling of temporary files.
CVE-2023-40438: Wojciech Regula of SecuRing (wojciechregula.blog)
Entry added December 22, 2023
Game Center
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access contacts
Description: The issue was addressed with improved handling of caches.
CVE-2023-40395: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added September 26, 2023
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.
Entry added September 26, 2023
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: The issue was addressed with improved memory handling.
CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)
Entry added September 26, 2023
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group
libxpc
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access protected user data
Description: An authorization issue was addressed with improved state management.
CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Entry added September 26, 2023
libxpc
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to delete files for which it does not have permission
Description: A permissions issue was addressed with additional restrictions.
CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Entry added September 26, 2023
libxslt
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may disclose sensitive information
Description: The issue was addressed with improved memory handling.
CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security
Entry added September 26, 2023
MobileStorageMounter
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user may be able to elevate privileges
Description: An access issue was addressed with improved access restrictions.
CVE-2023-41068: Mickey Jin (@patch1t)
Entry added September 26, 2023
Passkeys
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An attacker may be able to access passkeys without authentication
Description: The issue was addressed with additional permissions checks.
CVE-2023-40401: an anonymous researcher and weize she
Entry added December 22, 2023
Pro Res
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41063: Certik Skyfall Team
Entry added September 26, 2023
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to identify what other apps a user has installed
Description: The issue was addressed with improved checks.
CVE-2023-35990: Adriatik Raci of Sentry Cybersecurity
Entry added September 26, 2023
Security
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group
Share Sheet
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access sensitive data logged when a user shares a link
Description: A logic issue was addressed with improved checks.
CVE-2023-41070: Kirin (@Pwnrin)
Entry added September 26, 2023
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 261544
CVE-2023-41993: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group
Additional recognition
Apple Neural Engine
We would like to acknowledge pattern-f (@pattern_F_) of Ant Security Light-Year Lab for their assistance.
Entry added December 22, 2023
AppSandbox
We would like to acknowledge Kirin (@Pwnrin) for their assistance.
Entry added September 26, 2023
libxml2
We would like to acknowledge OSS-Fuzz, Ned Williamson of Google Project Zero for their assistance.
Entry added September 26, 2023
Kernel
We would like to acknowledge Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group for their assistance.
WebKit
We would like to acknowledge Khiem Tran, Narendra Bhati From Suma Soft Pvt. Ltd, Pune (India) for their assistance.
Entry added September 26, 2023
WebRTC
We would like to acknowledge anonymous researcher for their assistance.
Entry added September 26, 2023
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.