CVE-2023-23529

Name of the Vulnerable Software and Affected Versions Apple Multiple Products versions prior to iOS 15.7.4 Apple Multiple Products versions prior to iPadOS 15.7.4 Apple Multiple Products versions prior to iOS 16.3.1 Apple Multiple Products versions prior to iPadOS 16.3.1 Apple Multiple Products versions prior to macOS Ventura 13.2.1 Apple Multiple Products versions prior to Safari 16.3

Description A type confusion issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. The issue is related to the WebKit framework of the browser, which could allow arbitrary code execution after an unsuspecting user visits a compromised URL.

Recommendations For versions prior to iOS 15.7.4, update to iOS 15.7.4 or later. For versions prior to iPadOS 15.7.4, update to iPadOS 15.7.4 or later. For versions prior to iOS 16.3.1, update to iOS 16.3.1 or later. For versions prior to iPadOS 16.3.1, update to iPadOS 16.3.1 or later. For versions prior to macOS Ventura 13.2.1, update to macOS Ventura 13.2.1 or later. For versions prior to Safari 16.3, update to Safari 16.3 or later.