Apple Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.

 

Note:

CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439 are being exploited in the wild. These vulnerabilities are related to the Kernel and WebKit components that may lead to arbitrary code execution. Threat actors may exploit the kernel vulnerability to execute arbitrary code with kernel privileges. For vulnerabilities of WebKit component, threat actors may execute arbitrary code on target device when the WebKit component processes a maliciously crafted web content. Kaspersky discovered these vulnerabilities were related to Operation Triangulation attack campaign.

RISK: Extremely High Risk

TYPE: Operating Systems – Mobile & Apps

TYPE: Mobile & Apps

Impact

  • Remote Code Execution

System / Technologies affected

  • Versions prior to Safari 16.5.1
  • Versions prior to iOS 16.5.1 and iPadOS 16.5.1
  • Versions prior to iOS 15.7.7 and iPadOS 15.7.7
  • Versions prior to macOS Ventura 13.4.1
  • Versions prior to macOS Monterey 12.6.7
  • Versions prior to macOS Big Sur 11.7.8
  • Versions prior to watchOS 9.5.2
  • Versions prior to watchOS 8.8.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • Safari 16.5.1
  • iOS 16.5.1 and iPadOS 16.5.1
  • iOS 15.7.7 and iPadOS 15.7.7
  • macOS Ventura 13.4.1
  • macOS Monterey 12.6.7
  • macOS Big Sur 11.7.8
  • watchOS 9.5.2
  • watchOS 8.8.1

Vulnerability Identifier


Source


Related Link


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.