Skip to main content

Apple Products Remote Code Execution Vulnerabilities

Release Date: 11 Apr 2023 6381 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.

 

Note:

CVE-2023-28205 and CVE-2023-28206 are being exploited in the wild. These vulnerabilities are related to the WebKit component when processing maliciously crafted web content that may lead to arbitrary code execution. 


Impact

  • Remote Code Execution

System / Technologies affected

  • Versions prior to iOS 15.7.5
  • Versions prior to iOS 16.4.1
  • Versions prior to iPadOS 15.7.5
  • Versions prior to iPadOS 16.4.1
  • Versions prior to macOS Big Sur 11.7.6
  • Versions prior to macOS Monterey 12.6.5
  • Versions prior to macOS Ventura 13.3.1
  • Versions prior to Safari 16.4.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • iOS 15.7.5
  • iOS 16.4.1
  • iPadOS 15.7.5
  • iPadOS 16.4.1
  • macOS Big Sur 11.7.6
  • macOS Monterey 12.6.5
  • macOS Ventura 13.3.1
  • Safari 16.4.1

Vulnerability Identifier


Source


Related Link