← Volver a CVEs

CVE-2023-41064

HIGHCISA KEV

7.8

Descripcion

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Detalles CVE

Puntuacion CVSS v3.17.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado9/7/2023

Ultima modificacion11/6/2025

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorApple

ProductoiOS, iPadOS, and macOS

Nombre vulnerabilidadApple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability

Fecha inclusion KEV2023-09-11

Fecha limite remediacion2023-10-02

Uso en ransomwareUnknown

Productos afectados

apple:ipadosapple:iphone_osapple:macos

Debilidades (CWE)

CWE-120CWE-120

Referencias

http://www.openwall.com/lists/oss-security/2023/09/21/4(product-security@apple.com)

https://support.apple.com/en-us/HT213905(product-security@apple.com)

https://support.apple.com/en-us/HT213906(product-security@apple.com)

https://support.apple.com/en-us/HT213913(product-security@apple.com)

https://support.apple.com/en-us/HT213914(product-security@apple.com)

https://support.apple.com/en-us/HT213915(product-security@apple.com)

http://www.openwall.com/lists/oss-security/2023/09/21/4(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213905(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213906(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213913(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213914(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/en-us/HT213915(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/kb/HT213913(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/kb/HT213915(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41064(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.