CVE-2023-32409
Apple Multiple Products WebKit Sandbox Escape Vulnerability
CVSS
—
No CVSS
EPSS
16.5%
p97
KEV
YES
May 22, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Apple / Multiple Products
Vulnerability
Apple Multiple Products WebKit Sandbox Escape Vulnerability
Added to KEV
May 22, 2023
Remediate by
Jun 12, 2023
Known ransomware use
No
Summary description
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required action
Apply updates per vendor instructions.
Notes
https://support.apple.com/HT213757, https://support.apple.com/HT213758, https://support.apple.com/HT213761, https://support.apple.com/HT213762, https://support.apple.com/HT213764, https://support.apple.com/HT213765; https://nvd.nist.gov/vuln/detail/CVE-2023-32409