CVE-2023-32435

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 23, 2023
Updated: Dec 20, 2024
CWE ID 787

Summary

CVE-2023-32435 is a memory corruption vulnerability that Apple addressed through improved state management in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as in iOS 15.7.7 and iPadOS 15.7.7. Maliciously crafted web content could exploit this issue, resulting in arbitrary code execution. Apple has acknowledged that this vulnerability has been reportedly exploited against pre-iOS 15.7 versions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • iOS
  • Apple Safari
  • iPadOS
  • Apple (iPhone OS)
  • MacOS

Affected Vendors

  • Apple