CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
securityweek
The US cybersecurity agency CISA on Thursday expanded the Known Exploited Vulnerabilities (KEV) list with five flaws, including three bugs targeted by the nation-state-grade Coruna iOS exploit kit.
Coruna contains exploits targeting 23 vulnerabilities in iOS versions spanning four years, namely iOS 13.0 to iOS 17.2.1, but is ineffective against the latest iterations of Apple’s mobile platform.
It has been used by multiple threat actors, including the customer of a spyware vendor, a Russian espionage group, and a financially motivated Chinese group.
Likely built using ‘second-hand’ zero-day exploits, Coruna fingerprints devices to load the appropriate WebKit remote code execution (RCE) exploit, bypasses various platform mitigations, and injects a payload in the ‘powerd’ daemon running as root.
The payload targets the victim’s financial information and can also load additional modules for exfiltrating cryptocurrency wallets and sensitive information from multiple applications.
Of the 23 security defects targeted ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE