CVE-2023-41064 - Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability

Vulnerability Name

Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability

Description

Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/HT213905, https://support.apple.com/en-us/HT213906

https://nvd.nist.gov/vuln/detail/CVE-2023-41064

Related News Articles

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacksMarch 12, 2025

Apple fixes zero-day exploited in 'extremely sophisticated' attacksFebruary 11, 2025

Apple fixes this year’s first actively exploited zero-day bugJanuary 28, 2025

Apple fixes two zero-days used in attacks on Intel-based MacsNovember 20, 2024