Memory Corruption Vulnerability in Apple Operating Systems
CVE-2023-23519

7.5HIGH

Key Information:

Vendor: Apple
Status: iOS and iPadOS; tvOS; macOS; watchOS
Vendor: CVE Published:; 27 February 2023

Summary

A memory corruption issue was identified in various Apple operating systems that could allow an attacker to exploit flawed image processing. This vulnerability could potentially lead to a denial-of-service condition, impacting the availability and functionality of the affected devices. Apple has addressed this issue with improved state management in the latest versions of its operating systems, ensuring users are protected against potential exploits.

Affected Version(s)

iOS and iPadOS < 16.3

macOS < 13.2

tvOS < 16.3

References

https://support.apple.com/en-us/HT213606

https://support.apple.com/en-us/HT213601

https://support.apple.com/en-us/HT213605

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2023
Vulnerability Reserved
Jan 12, 2023