CVE-2023-41064 — Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
2023-09-11 • CISA Known Exploited Vulnerability
[event] Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Apple |
| Product | iOS, iPadOS, and macOS |
| CWE | CWE-120 |
| CVE ID | CVE-2023-41064 |
| Date Added | 2023-09-11 |
| Due Date | 2023-10-02 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2023-10-02