Apple has released security updates to fix multiple product vulnerabilities, including a Zero-Day vulnerability tracked as CVE-2023-23529 that is currently reported to be exploited in the wild.

_____________________________

A. Nature of the Vulnerability

CVE-2023-23514 

  • Successful exploitation may allow adversaries to execute arbitrary code with kernel privileges.

CVE-2023-23522 

  • Successful exploitation may allow adversaries to observe unprotected user data.

CVE-2023-23529

  • Successful exploitation may allow adversaries to run arbitrary code execution to the affected system.

_____________________________

B. Affected Versions

iOS and iPadOS

  • All versions prior to iOS 16.3.1 and iPadOS 16.3.1

MacOS

  • All versions prior to macOS 13.2.1

_____________________________

C. Actions to be Taken

CERT-PH recommends the following actions be taken:

  • Kindly review and apply the necessary updates to mitigate future threats/
  • For additional information, kindly refer to the official report
    • https://support.apple.com/en-us/HT213633
    • https://support.apple.com/en-us/HT213635