top of page
Search

Apple Releases Critical Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

  • Mar 12
  • 2 min read

Key Findings


  • Apple released security updates for older iOS and iPadOS versions to address vulnerabilities in the Coruna exploit kit

  • Updates cover devices that cannot upgrade to the latest iOS versions

  • Patches address multiple vulnerabilities, including WebKit and kernel-related issues

  • Coruna exploit kit targets iOS versions 13.0 through 17.2.1 with 23 total exploits


Background


The Coruna exploit kit, also known as CryptoWaters, was first identified by Google's Threat Intelligence Group in early 2025. The sophisticated framework targets Apple devices running iOS versions between 13.0 and 17.2.1, featuring a complex set of 23 exploits across five different exploit chains.


Vulnerability Details


The primary vulnerability addressed, CVE-2023-43010, is a WebKit-related security flaw that could result in memory corruption when processing maliciously crafted web content. Apple originally fixed this vulnerability in iOS 17.2 and has now backported the fix to older device versions.


Affected Devices


The security updates cover several older device models, including:


  • iPhone 6s and 7 series

  • iPhone SE (1st generation)

  • iPad Air 2

  • iPad mini (4th generation)

  • iPod touch (7th generation)

  • iPhone 8 and X series

  • Specific iPad Pro and iPad 5th generation models


Exploit Kit Characteristics


The Coruna exploit kit demonstrates advanced capabilities, including:


  • Ability to bypass device protections

  • Targeted delivery of exploits

  • Advanced payload injection mechanisms

  • Capability to exfiltrate sensitive information like cryptocurrency wallet data


Attribution and Speculation


There are ongoing discussions about the origin of the Coruna exploit kit, with speculation linking it to U.S. military contractors and potential connections to previous exploit frameworks. However, definitive attribution remains uncertain.


Mitigation Recommendations


  • Update devices to the latest available iOS version

  • Apply the security patches for iOS 15.8.7 and 16.7.15

  • Be cautious when browsing potentially malicious web content

  • Monitor device performance and security


Sources


  • https://thehackernews.com/2026/03/apple-issues-security-updates-for-older.html

  • https://securityaffairs.com/189362/security/apple-issues-emergency-fixes-for-coruna-flaws-in-older-ios-versions.html

  • https://www.reddit.com/r/pwnhub/comments/1rrw25f/apple_security_updates_address_coruna_exploit/

  • https://www.instagram.com/p/DVyGRCZjtSW/

  • https://9to5mac.com/2026/03/11/apple-confirms-todays-ios-and-ipados-updates-for-older-devices-address-the-coruna-exploit/

Recent Posts

See All

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page