CVE-2023-42890

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 12, 2023

Updated: Jun 12, 2024

CWE ID 94

Summary

CVE-2023-42890 is a newly disclosed vulnerability affecting multiple Apple platforms, including Safari web browser, macOS, watchOS, iOS, iPadOS, and tvOS. The flaw, now patched, was related to improper memory handling. A successful exploit could potentially result in arbitrary code execution while processing web content. Users are advised to update their devices to the latest versions (Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2, iPadOS 17.2, and tvOS 17.2) to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ssAoHT
https://www.cve.org/CVERecord?id=CVE-2023-42890
https://nvd.nist.gov/vuln/detail/CVE-2023-42890

Back to Vulnerability Database

CVE-2023-42890

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations