Vulnerability in Apple Ios And Ipados
CVE-2023-42866
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.
EPSS: 0.007 (48.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Apple Ios And Ipados — versions unspecified
- Apple Ipados
- Apple Iphone_os
- Apple Macos — versions unspecified
- Apple Safari — versions unspecified
- Apple Tvos — versions unspecified
- Apple Watchos — versions unspecified
References
- product-security@apple.com (Release Notes, Vendor Advisory)
- product-security@apple.com (Release Notes, Vendor Advisory)
- product-security@apple.com (Release Notes, Vendor Advisory)
- product-security@apple.com (Release Notes, Vendor Advisory)
- product-security@apple.com (Release Notes, Vendor Advisory)
Frequently asked questions
- What is CVE-2023-42866?
- CVE-2023-42866 is a high-severity vulnerability in Apple Ios And Ipados. CVSS score: 8.8/10. Published 2024-01-10.
- How severe is CVE-2023-42866?
- High severity. CVSS v3 base score is 8.8 out of 10.