CVE-2023-39434

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 27, 2023

Updated: Jan 31, 2024

CWE ID 416

Summary

CVE-2023-39434 is a use-after-free vulnerability that has been addressed in iOS 17, iPadOS 17, watchOS 10, and macOS Sonoma 14. This issue, which affects the processing of web content, could potentially allow for arbitrary code execution if exploited. The vulnerability stems from a memory management flaw where an object is used after it has been freed, leading to unintended consequences. By improving memory management, Apple has mitigated the risk associated with this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
MacOS
Apple Watch
iPadOS
WatchOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAfn7
https://www.cve.org/CVERecord?id=CVE-2023-39434
https://nvd.nist.gov/vuln/detail/CVE-2023-39434

Back to Vulnerability Database