CVE-2023-32434 — Apple Multiple Products Integer Overflow Vulnerability

2023-06-23 • CISA Known Exploited Vulnerability

[event] Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.

> AFFECTED SOFTWARE

Field	Value
Vendor	Apple
Product	Multiple Products
CWE	CWE-190
CVE ID	CVE-2023-32434
Date Added	2023-06-23
Due Date	2023-07-14
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2023-07-14

> REFERENCES

[1] https://support.apple.com/en-us/HT213808,
[2] https://support.apple.com/en-us/HT213812,
[3] https://support.apple.com/en-us/HT213809,
[4] https://support.apple.com/en-us/HT213810,
[5] https://support.apple.com/en-us/HT213813,
[6] https://support.apple.com/en-us/HT213811,
[7] https://support.apple.com/en-us/HT213814
[8] https://nvd.nist.gov/vuln/detail/CVE-2023-32434