← Back

CVE-2023-32409

nvd nist
Published: Jun 23, 2023Modified: Jan 13, 2026CISA KEV

JSON object

Loading...
8.6
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 4.0
Source: NVD

Description

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

Affected (8)

Apple
6 products
Ipados
Iphone Os
Macos
Safari
Tvos
Watchos
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Ipados
From 15.0 to 15.7.8
Ipados
From 16.0 to 16.5
Apple
Iphone Os
From 15.0 to 15.7.8
Iphone Os
From 16.0 to 16.5
Macos
From 13.0 to 13.4
Safari
Before 16.5
Tvos
Before 16.5
Watchos
Before 9.5

References (13)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.