APPLE has issued security updates for older iPhones and iPads to address vulnerabilities linked to the Coruna exploits, delivering iOS 16.7.15 and iPadOS 15.8.7 for devices no longer receiving major OS updates. The Coruna kit, also known as CryptoWaters, targets iPhones running iOS versions 13.0 through 17.2.1 and comprises five exploit chains and a total of 23 exploits.
In the recent patches, iOS and iPadOS 15.8.7 fixes CVE-2023-41974, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010, while iOS 16.7.15 patches CVE-2023-43010. According to Apple’s advisory, the fix for the Coruna-associated issue was shipped in iOS 17.3 on 22 January 2024 and is now being backported to devices unable to update to the latest iOS version.
Google’s Threat Intelligence Group had identified Coruna as a powerful exploit kit in early March, with the kit capable of WebKit RCE and PAC bypasses and activity observed in targeted campaigns by UNC6353 and UNC6691. The article notes that Coruna remains ineffective against the newest iOS release, implying a narrowing window for attack vectors on older devices.