Apple Products Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, remote code execution, elevation of privilege, denial of service condition, security restriction bypass and data manipulation on the targeted system.
Note:
For CVE-2023-41991, a malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
For CVE-2023-41992, a local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
For CVE-2023-41993, processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
CVE-2023-41974 is being exploited in the wild. The vulnerability is a use-after-free vulnerability flaw. An app may be able to execute arbitrary code with kernel privileges.
[Updated on 2026-03-06]
Updated Description, Impact, Vulnerability Identifier and Related Links.
Impact
- Remote Code Execution
- Elevation of Privilege
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
- Denial of Service
System / Technologies affected
- Versions prior to Safari 16.6.1
- Versions prior to iOS 17.0.1 and iPadOS 17.0.1
- Versions prior to iOS 16.7 and iPadOS 16.7
- Versions prior to watchOS 10.0.1
- Versions prior to watchOS 9.6.3
- Versions prior to macOS Ventura 13.6
- Versions prior to macOS Monterey 12.7
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Safari 16.6.1
- iOS 17.0.1 and iPadOS 17.0.1
- iOS 16.7 and iPadOS 16.7
- watchOS 10.0.1
- watchOS 9.6.3
- macOS Ventura 13.6
- macOS Monterey 12.7
Vulnerability Identifier
- CVE-2023-32359
- CVE-2023-32361
- CVE-2023-32396
- CVE-2023-35074
- CVE-2023-35984
- CVE-2023-35990
- CVE-2023-38596
- CVE-2023-38610
- CVE-2023-38612
- CVE-2023-38614
- CVE-2023-39434
- CVE-2023-40384
- CVE-2023-40385
- CVE-2023-40391
- CVE-2023-40393
- CVE-2023-40395
- CVE-2023-40396
- CVE-2023-40399
- CVE-2023-40400
- CVE-2023-40401
- CVE-2023-40403
- CVE-2023-40406
- CVE-2023-40409
- CVE-2023-40410
- CVE-2023-40412
- CVE-2023-40414
- CVE-2023-40417
- CVE-2023-40418
- CVE-2023-40419
- CVE-2023-40420
- CVE-2023-40422
- CVE-2023-40424
- CVE-2023-40427
- CVE-2023-40428
- CVE-2023-40429
- CVE-2023-40431
- CVE-2023-40432
- CVE-2023-40434
- CVE-2023-40438
- CVE-2023-40441
- CVE-2023-40448
- CVE-2023-40452
- CVE-2023-40454
- CVE-2023-40456
- CVE-2023-40520
- CVE-2023-40528
- CVE-2023-40529
- CVE-2023-41060
- CVE-2023-41063
- CVE-2023-41065
- CVE-2023-41068
- CVE-2023-41069
- CVE-2023-41070
- CVE-2023-41071
- CVE-2023-41073
- CVE-2023-41074
- CVE-2023-41174
- CVE-2023-41232
- CVE-2023-41968
- CVE-2023-41974
- CVE-2023-41980
- CVE-2023-41981
- CVE-2023-41984
- CVE-2023-41986
- CVE-2023-41991
- CVE-2023-41992
- CVE-2023-41993
- CVE-2023-41995
- CVE-2023-41996
- CVE-2023-42833
- CVE-2023-42870
- CVE-2023-42871
- CVE-2023-42872
- CVE-2023-42875
- CVE-2023-42925
- CVE-2023-42934
- CVE-2023-42949
- CVE-2023-42957
- CVE-2023-42961
- CVE-2023-42969
- CVE-2023-42970
- CVE-2023-42973
- CVE-2023-42977
Source
Related Link
- https://support.apple.com/en-us/120947
- https://support.apple.com/en-us/120948
- https://support.apple.com/en-hk/120949
- https://support.apple.com/en-us/HT213926
- https://support.apple.com/en-us/HT213927
- https://support.apple.com/en-us/HT213928
- https://support.apple.com/en-us/HT213929
- https://support.apple.com/en-us/HT213930
- https://support.apple.com/en-us/HT213931
- https://support.apple.com/en-us/HT213932
- https://www.cisa.gov/news-events/alerts/2026/03/05/cisa-adds-five-known-exploited-vulnerabilities-catalog
Related Tags
Share with