Three Known Exploited Apple Vulnerabilities - 20230523001

Overview

CISA has added three new Apple vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

What is the vulnerability?

  • CVE-2023-32409 Apple Multiple Products WebKit Sandbox Escape Vulnerability
    This sandbox escape vulnerability could allow a remote attacker to break out of the Web Content sandbox. Apple has fixed the vulnerability with improved bounds checks.
  • CVE-2023-28204 Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability
    This out-of-bounds read vulnerability could allow attackers to disclose sensitive information. It can be triggered when an affected device processes malicious web content. The vulnerability has been fixed with improved input validation.
  • CVE-2023-32373 Apple Multiple Products WebKit Use-After-Free Vulnerability
    This use-after-free vulnerability allows attackers to execute arbitrary code. It can be triggered when an affected device processes maliciously crafted web content. Apple has fixed the vulnerability with improved memory management.

What is vulnerable?

These vulnerabilities affect multiple products. A list of affected products can be found in CISA's Known Exploited Vulnerabilities Catalog.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected products/devices.

Additional References