Multiple vulnerabilities identified in Apple Products pose an Extremely High Risk. Two vulnerabilities, CVE-2023-38606 and CVE-2023-37450, are actively being exploited. Stay safe and update your devices!

Technical Summary of Apple Products Multiple Vulnerabilities

A technical summary of multiple vulnerabilities identified in Apple Products. The information is based on a security bulletin published by HKCERT.

Risk Level
The risk level of these vulnerabilities is classified as Extremely High Risk.

Vulnerability Types
The vulnerabilities are related to the following types:

Denial of service condition
Elevation of privilege
Remote code execution
Sensitive information disclosure
Data manipulation
Security restriction bypass

Exploited Vulnerabilities
Two vulnerabilities, CVE-2023-38606 and CVE-2023-37450, are currently being exploited in the wild. These vulnerabilities are related to the Kernel and WebKit components that may lead to arbitrary code execution.

CVE-2023-38606: An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

CVE-2023-37450: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Source: [HKCERT Security Bulletin](https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20230725)

#AppleSecurity #CyberSecurity #Vulnerabilities #HighRisk #CVE202338606 #CVE202337450