CVE-2023-32409 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2023-32409

CVE-2023-32409

June 23, 2023

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.

Related Resources (9)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32409

https://support.apple.com/en-us/HT213761

https://access.redhat.com/security/cve/CVE-2023-32409

https://support.apple.com/en-us/HT213764

https://support.apple.com/en-us/HT213757

https://support.apple.com/en-us/HT213762

https://support.apple.com/en-us/HT213842

https://support.apple.com/en-us/HT213758

http://seclists.org/fulldisclosure/2023/Jul/46

Do you need more information?

CVSS v4

Base Score:

9.2

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

HIGH

Vulnerable System Availability

NONE

Subsequent System Confidentiality

NONE

Subsequent System Integrity

HIGH

Subsequent System Availability

NONE

Exploit Maturity

ATTACKED

CVSS v3

Base Score:

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Exploit Maturity

HIGH

EPSS

Base Score:

0.25

Products

Solutions

Resources

Company

Compare

Developer Tools