Overview
- Description
- A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
- Source
- product-security@apple.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Known exploits
Data from CISA
- Vulnerability name
- Apple Multiple Products WebKit Type Confusion Vulnerability
- Exploit added on
- Jan 23, 2024
- Exploit action due
- Feb 13, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Weaknesses
- nvd@nist.gov
- CWE-843
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52830EA8-817D-47D3-9A0E-2456C2D59301",
"versionEndExcluding": "16.7.5"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DFDDBEC-015C-4AC6-A2B8-387839CEDCCE",
"versionEndExcluding": "17.3",
"versionStartIncluding": "17.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCC14DD1-6E3A-4326-AAD2-DEDF13584BBE",
"versionEndExcluding": "16.7.5"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD699999-B0F0-41D0-AE33-E7E4AA3C0F90",
"versionEndExcluding": "17.3",
"versionStartIncluding": "17.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47173B39-5A7C-449E-B997-F3387581C195",
"versionEndExcluding": "12.7.3"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3916CD8-E6D5-4786-903E-B86026859CE6",
"versionEndExcluding": "13.6.4",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79ADFEBE-99EE-4F01-9AE8-489EB41885D1",
"versionEndExcluding": "14.3",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "921307BF-8419-42C7-9B2C-8DD643723E38",
"versionEndExcluding": "17.3"
}
],
"operator": "OR"
}
]
}
]