PT-2023-3222 · Apple+9 · Macos Ventura+13

Publicado

2023-06-21

·

Atualizado

2025-12-08

·

CVE-2023-32439

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions iOS versions prior to 16.5.1 iPadOS versions prior to 16.5.1 macOS Ventura versions prior to 13.4.1 Safari versions prior to 16.5.1 iOS versions prior to 15.7.7 iPadOS versions prior to 15.7.7
Description A type confusion issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Recommendations For iOS versions prior to 16.5.1, update to iOS 16.5.1 or later. For iPadOS versions prior to 16.5.1, update to iPadOS 16.5.1 or later. For macOS Ventura versions prior to 13.4.1, update to macOS Ventura 13.4.1 or later. For Safari versions prior to 16.5.1, update to Safari 16.5.1 or later. For iOS versions prior to 15.7.7, update to iOS 15.7.7 or later. For iPadOS versions prior to 15.7.7, update to iPadOS 15.7.7 or later.

Exploit

Correção

Type Confusion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-843

Identificadores relacionados

ALSA-2023:4201
ALSA-2023:4202
BDU:2023-03342
CESA-2023_4202
CVE-2023-32439
DSA-5449-1
ELSA-2023-4201
ELSA-2023-4202
MGASA-2023-0229
OPENSUSE-SU-2023_3233-1
OPENSUSE-SU-2023_3419-1
RHSA-2023:4201
RHSA-2023:4202
RHSA-2023_4201
RHSA-2023_4202
RHSA-2025:10364
RLSA-2023:4201
RLSA-2023:4202
RLSA-2023_4201
RLSA-2023_4202
SUSE-SU-2023:3233-1
SUSE-SU-2023:3237-1
SUSE-SU-2023:3300-1
SUSE-SU-2023:3419-1
USN-6264-1

Produtos afetados

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ubuntu
Ios
Ipados
Macos Ventura