CVE-2023-32435 - Apple Multiple Products WebKit Memory Corruption Vulnerability

Vulnerability Name

Apple Multiple Products WebKit Memory Corruption Vulnerability

Description

Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://support.apple.com/en-us/HT213670, https://support.apple.com/en-us/HT213671, https://support.apple.com/en-us/HT213676, https://support.apple.com/en-us/HT213811

https://nvd.nist.gov/vuln/detail/CVE-2023-32435

Related News Articles

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025

Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 11, 2025

Apple fixes this year’s first actively exploited zero-day bugJanuary 28, 2025

Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024