CVE-2023-23529
Apple Multiple Products WebKit Type Confusion Vulnerability
CVSS
—
No CVSS
EPSS
9.4%
p95
KEV
YES
Feb 14, 2023
Exploit Today
78
0-100
Published: — · Last modified: —
Product
Apple / Multiple Products
Vulnerability
Apple Multiple Products WebKit Type Confusion Vulnerability
Added to KEV
Feb 14, 2023
Remediate by
Mar 7, 2023
Known ransomware use
No
Summary description
Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required action
Apply updates per vendor instructions.
Notes
https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638; https://nvd.nist.gov/vuln/detail/CVE-2023-23529