Apple Products Multiple Vulnerabilities

Release Date: 27 Sep 2023 3974 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, spoofing, data manipulation, information disclosure, denial of service and security restriction bypass on the targeted system.

Note:

For CVE-2023-41993, processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Impact

Remote Code Execution
Elevation of Privilege
Security Restriction Bypass
Spoofing
Data Manipulation
Information Disclosure
Denial of Service

System / Technologies affected

Versions prior to Safari 17
Versions prior to macOS Sonoma 14

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Safari 17
macOS Sonoma 14

Vulnerability Identifier

CVE-2023-23495
CVE-2023-29497
CVE-2023-32361
CVE-2023-32377
CVE-2023-32396
CVE-2023-32421
CVE-2023-35074
CVE-2023-35984
CVE-2023-35990
CVE-2023-37448
CVE-2023-38586
CVE-2023-38596
CVE-2023-38615
CVE-2023-39233
CVE-2023-39434
CVE-2023-40384
CVE-2023-40386
CVE-2023-40388
CVE-2023-40391
CVE-2023-40395
CVE-2023-40399
CVE-2023-40400
CVE-2023-40402
CVE-2023-40403
CVE-2023-40406
CVE-2023-40407
CVE-2023-40410
CVE-2023-40417
CVE-2023-40420
CVE-2023-40422
CVE-2023-40424
CVE-2023-40426
CVE-2023-40427
CVE-2023-40429
CVE-2023-40432
CVE-2023-40434
CVE-2023-40436
CVE-2023-40441
CVE-2023-40448
CVE-2023-40450
CVE-2023-40451
CVE-2023-40452
CVE-2023-40454
CVE-2023-40455
CVE-2023-40541
CVE-2023-41063
CVE-2023-41065
CVE-2023-41066
CVE-2023-41067
CVE-2023-41070
CVE-2023-41073
CVE-2023-41074
CVE-2023-41078
CVE-2023-41079
CVE-2023-41968
CVE-2023-41979
CVE-2023-41980
CVE-2023-41981
CVE-2023-41984
CVE-2023-41986
CVE-2023-41993
CVE-2023-41995

Source

Apple