CVE-2024-23213

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 23, 2024

Updated: Jun 12, 2024

Summary

CVE-2024-23213 is a recently identified vulnerability that allows for arbitrary code execution when processing web content. This issue has been resolved with improved memory handling in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5, and iPadOS 16.7.5, as well as in Safari 17.3. By exploiting this vulnerability, an attacker could potentially gain unauthorized access to sensitive information or take control of affected devices. Users are encouraged to update their software to protect against this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple Safari
tvOS
Apple Watch
Apple (iPhone OS)
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uIDgMF
https://www.cve.org/CVERecord?id=CVE-2024-23213
https://nvd.nist.gov/vuln/detail/CVE-2024-23213

Back to Vulnerability Database