CVE-2023-36495

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 28, 2023
Updated: Aug 3, 2023
CWE ID 190

Summary

CVE-2023-36495 is a vulnerability involving an integer overflow that was previously addressed with insufficient input validation. This issue, if exploited, could potentially allow a malicious app to gain kernel privileges and execute arbitrary code on Apple devices running watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6, and iPadOS 16.6, as well as macOS Ventura 13.5. The vulnerability has been rectified in the indicated software updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share