CVE-2023-38136

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 27, 2023

Updated: Aug 3, 2023

Summary

CVE-2023-38136 is a vulnerability affecting iOS and iPadOS, as well as watchOS. The issue is rooted in insufficient memory handling, allowing an application to gain kernel privileges and potentially execute arbitrary code. This security flaw has been addressed in iOS 16.6, iPadOS 16.6, and watchOS 9.6 updates. Users are strongly encouraged to apply these patches to mitigate the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
Apple Watch
iPadOS
WatchOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sD0u_0
https://www.cve.org/CVERecord?id=CVE-2023-38136
https://nvd.nist.gov/vuln/detail/CVE-2023-38136

Back to Vulnerability Database