CVE-2023-37450 - Apple Multiple Products WebKit Code Execution Vulnerability

Vulnerability Name

Apple Multiple Products WebKit Code Execution Vulnerability

Description

Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Additional Notes

https://support.apple.com/en-us/HT213826, https://support.apple.com/en-us/HT213841, https://support.apple.com/en-us/HT213843, https://support.apple.com/en-us/HT213846, https://support.apple.com/en-us/HT213848

https://nvd.nist.gov/vuln/detail/CVE-2023-37450

Related News Articles

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025

Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 11, 2025

Apple fixes this year’s first actively exploited zero-day bugJanuary 28, 2025

Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024