PT-2023-8133 · Apple +4 · Apple macOS +8

Dong Jun Kim +3 · Published 2022-09-28 · Updated 2025-06-11 · CVE-2023-42833

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

macOS versions prior to Sonoma 14
Safari versions prior to 17
iOS versions prior to 17
iPadOS versions prior to 17

Description

The issue is caused by a buffer overflow in the WebKit component of the macOS operating system. Exploitation of this issue may allow a local attacker to execute arbitrary code using a specially crafted link. Processing web content may lead to arbitrary code execution.

Recommendations

For macOS versions prior to Sonoma 14, update to macOS Sonoma 14 to resolve the issue.
For Safari versions prior to 17, update to Safari 17 to resolve the issue.
For iOS versions prior to 17, update to iOS 17 to resolve the issue.
For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue.

Fix

Code Injection

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2024-00112
CESA-2023_7055
CVE-2023-42833
DLA-3124-1
DSA-5240-1
DSA-5241-1
OPENSUSE-SU-2024_0548-1
RHSA-2023:6535
RHSA-2023:7055
RHSA-2023_6535
RHSA-2023_7055
RHSA-2025:10364
SUSE-SU-2024:0519-1
SUSE-SU-2024:0545-1
SUSE-SU-2024:0548-1

Affected Products

Astra Linux
CentOS
Apple macOS
Red Hat
Safari
SUSE
WebKit
iOS
iPadOS