CVE-2023-32409 - Apple Multiple Products WebKit Sandbox Escape Vulnerability

CVE-2023-32409: Apple | Multiple Products

Date Added:
2023-05-22

Due Date:
2023-06-12

Vulnerability Name: Apple Multiple Products WebKit Sandbox Escape Vulnerability

Description: Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://support.apple.com/HT213757, https://support.apple.com/HT213758, https://support.apple.com/HT213761, https://support.apple.com/HT213762, https://support.apple.com/HT213764, https://support.apple.com/HT213765; https://nvd.nist.gov/vuln/detail/CVE-2023-32409

Related News Articles: Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard