CVE-2023-23529 - Apple Multiple Products WebKit Type Confusion Vulnerability

Vulnerability Name

Apple Multiple Products WebKit Type Confusion Vulnerability

Description

Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638

https://nvd.nist.gov/vuln/detail/CVE-2023-23529

Related News Articles

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025

Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 11, 2025

Apple fixes this year’s first actively exploited zero-day bugJanuary 28, 2025

Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024