CVE-2024-23222
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3....
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- January 12, 2024
- Published Date
- January 23, 2024
- Last Updated
- February 13, 2025
- Vendor
- Apple
- Product
- iOS and iPadOS, tvOS, macOS
- Description
- A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
CVSS Scores
CVSS v3.1
8.8 - HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2024-01-23 00:00:00 UTC) Source
References
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214061
https://support.apple.com/kb/HT214063
https://support.apple.com/kb/HT214059
https://support.apple.com/kb/HT214057
https://support.apple.com/kb/HT214058
https://support.apple.com/kb/HT214061
https://support.apple.com/kb/HT214055
https://support.apple.com/kb/HT214056
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2024-01-23 00:00:00 UTC |