What is the exposure or risk?Īpple’s recent vulnerabilities can lead to significant exposure and/or risk to its customers. It is imperative that these devices are updated to the latest security updates to avoid the threat these vulnerabilities pose to end users. Safari 16.5 – macOS Big Sur and macOS Monterey.watchOS 9.5 – Apple Watch Series 4 and later.tvOS 16.5 – Apple TV 4K (all models) and Apple TV HD.iOS 15.7.6 and iPadOS 15.7.6 iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).
Noteworthy app pro#
iOS 16.5 and iPadOS 16.5 iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.The following versions are impacted by the new zero-day vulnerabilities: Why is it noteworthy?Īpple is a popular brand amongst consumer devices. The remaining two other vulnerabilities were anonymously reported.īarracuda SOC will share more details on these zero-day vulnerabilities when more information is made available.CVE-2023-32409 is a vulnerability that allows the malicious actor to leave beyond the bounds of the Web Content sandbox environment.If exploited successfully, attackers can reveal sensitive information while processing web content. CVE-2023-28204 is related to an out-of-bounds read issue within Webkit.
Noteworthy app code#
Upon successful exploitation, the threat actor can perform arbitrary code execution.
These vulnerabilities are associated with WebKit and covers different intrusion methods. Apple released security updates to address three new zero-day vulnerabilities being exploited in the wild.
0 kommentar(er)
