Please upgrade as soon as possible. Apple iPhone/iPad has been exposed with a vulnerability: it can obtain kernel read and write permissions

On May 23rd, IT Home reported that Jamf Threat Lab recently posted a blog post sharing the ColdInvite vulnerability on the iPhone, which allows attackers to exploit known ColdIntro vulnerabilities in iOS systems.

Security researcher 08tc3wbb discovered some "interesting and mysterious" information while analyzing the ColdIntro vulnerability (tracking number CVE-2022-32894, which Apple fixed last year), and ultimately discovered the ColdInvite vulnerability (tracking number CVE-2023-27930).

Apple released an iOS 15.6.1 update last year to fix the vulnerability ColdIntro. The ColdIntro vulnerability is the introduction of malicious code from the Display Coprocessor (DCP) into the AP kernel; The ColdInvite vulnerability discovered this time allows attackers to bypass DCP and directly enter the AP kernel.

Although attackers are unable to fully take over devices using the ColdIntro and ColdInvite vulnerabilities, they can use the coprocessor to obtain read/write permissions to the kernel, thereby invading the device and generating greater destructive power.

IT Home has attached the list of affected Apple products as follows:

• ColdIntro:IPhone 6s and newer models, iPad Pro (all models), iPad Air2 and newer models, iPad 5th generation and newer models, iPad mini 4 and newer models, and iPod touch (7th generation) with iOS 15.6 (and older versions of iOS) installed.

• IPhone 12 (and subsequent models), with iOS 14 to 16.4.1 installed.

The iOS/iPadOS16.5 update recently released by Apple has fixed the ColdInvite vulnerability (tracking number CVE-2023-27930). It is recommended that users upgrade as soon as possible.