CVE-2023-32435: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

Classification

CVE ID: CVE-2023-32435

Affected Products

Vendor: Apple

Product: macOS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.2% (probability of being exploited)

EPSS Percentile: 57.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213811
https://support.apple.com/en-us/HT213671
https://support.apple.com/en-us/HT213676

Timeline

2024-12-17 00:30:17 UTC
CVE

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...