Apple fixes three new zero-days exploited to hack iPhones, Macs

Three fresh zero-day flaws that might have been used to hack into iPhones, Macs, and iPads have been fixed by Apple. The security flaws are all identified as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 and were all discovered in the cross-platform WebKit browser engine.

In security advisory outlining the issues, Apple stated that it was “aware of a report that this issue may have been actively exploited.” A sandbox escape vulnerability in the first issue allows remote attackers to bypass Web Content sandboxes. The other two are a use-after-free flaw that permits arbitrary code execution on compromised devices and an out-of-bounds read that lets attackers to access sensitive data, both after tricking the targets into loading maliciously constructed web pages.

Apple fixes three new zero-days exploited to hack iPhones, Macs

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Apple fixes three new zero-days exploited to hack iPhones, Macs

18-May-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address