CVE-2023-41064
Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
CVSS
—
No CVSS
EPSS
15.3%
p96
KEV
YES
Sep 11, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Apple / iOS, iPadOS, and macOS
Vulnerability
Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
Added to KEV
Sep 11, 2023
Remediate by
Oct 2, 2023
Known ransomware use
No
Summary description
Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://support.apple.com/en-us/HT213905, https://support.apple.com/en-us/HT213906; https://nvd.nist.gov/vuln/detail/CVE-2023-41064