CVE-2024-23222

Apple has released iOS 15.8.7 and iOS 16.7.15 to backport critical security fixes to older iPhones and iPads targeted by the Coruna exploit kit — a sophisticated framework containing 23 exploits across five chains that has been actively used by state actors and financial criminals to compromise devices running iOS 13 through 17.2.1.

Severity

critical

CVSS Score

8.8 / 10

Exploitation

Actively exploited

Published

Mar 12, 2026

Affected Products

›iPhone 6s (all models), iPhone 7 (all models), iPhone SE 1st generation — update to iOS 15.8.7
›iPad Air 2, iPad mini 4th generation, iPod touch 7th generation — update to iOS/iPadOS 15.8.7
›iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, iPad Pro 12.9-inch 1st generation — update to iOS/iPadOS 16.7.15
›All devices running iOS 13.0 through 17.2.1 were potentially vulnerable to the Coruna exploit kit before this patch

Full Analysis

Apple Backports Security Fixes for Older iPhones Targeted by the Coruna Exploit Kit — Update Now If You Have an iPhone 6s Through iPhone X

Deep-dive: technical breakdown, real-world impact, complete remediation steps, and expert context.

Read the full report →

← All threat reports All articles