← Zuruck zu CVEs

CVE-2023-43000

HIGHCISA KEV

8.8

Beschreibung

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.

CVE Details

CVSS v3.1 Bewertung8.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht11/5/2025

Zuletzt geandert3/12/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerApple

ProduktMultiple Products

SchwachstellennameApple Multiple products Use-After-Free Vulnerability

KEV Aufnahmedatum2026-03-05

Behebungsfrist2026-03-26

Ransomware-NutzungUnknown

Betroffene Produkte

apple:ipadosapple:iphone_osapple:macosapple:safari

Schwachen (CWE)

CWE-416CWE-416

Referenzen

https://support.apple.com/en-us/120324(product-security@apple.com)

https://support.apple.com/en-us/120331(product-security@apple.com)

https://support.apple.com/en-us/120338(product-security@apple.com)

https://support.apple.com/en-us/126632(product-security@apple.com)

https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-43000(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.