Apple Releases Security Updates for Multiple Products - 20230413001

Overview

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.

What is the vulnerability?

• Processing maliciously crafted web content may lead to arbitrary code execution: CVE-2023-28205 - CVSS v3 Base Score: 8.8
• An app may be able to execute arbitrary code with kernel privileges: CVE-2023-28206 - CVSS v3 Base Score: 8.6

What is vulnerable?

The vulnerability affects the following products:

• iOS 15.7.5 and iPadOS 15.7.5
• macOS Monterey 12.6.5
• macOS Big Sur 11.7.6
• Safari 16.4.1
• iOS 16.4.1 and iPadOS 16.4.1
• macOS Ventura 13.3.1

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices: Apple Support

Additional References

• Apple Releases Security Updates for Multiple Products | CISA