CVE-2023-41064

Summary

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 12.6affected
ApplemacOSunspecified < 11.7affected
AppleiOS and iPadOSunspecified < 16.6affected
AppleiOS and iPadOSunspecified < 15.7affected
ApplemacOSunspecified < 13.5affected

Weaknesses

  • Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References