Apple Releases Rapid Security Responses for Actively Exploited Vulnerability CVE-2023-37450
The exploited zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura could lead to arbitrary code execution
Summary
The exploited zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura could lead to arbitrary code execution
Affected platforms
The following platforms are known to be affected:
Threat details
Apple Rapid Security Responses
The advisories for iOS, iPadOS, and macOS Ventura were released via Apple's new Rapid Security Responses, which deliver important security improvements between software updates or mitigate some security issues more quickly. When a Rapid Security Response has been applied, a letter will appear after the software version number. These kinds of updates will only be delivered for the latest version of iOS, iPadOS and macOS.
Introduction
Apple has released three security advisories to address one zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura. An attacker could exploit the vulnerability tracked as CVE-2023-37450 to achieve arbitrary code execution.
Exploitation of CVE-2023-37450
Apple has reported that this vulnerability, known as CVE-2023-37450, may have been actively exploited to achieve arbitrary code execution.
Remediation advice
Affected organisations are encouraged to review the following Apple security advisories and apply any relevant updates or workarounds.
Remediation steps
| Type | Step |
|---|---|
| Patch |
Safari 16.5.2 | HT213826 https://support.apple.com/kb/HT213826 |
| Patch |
iOS 16.5.1 (a) and iPadOS 16.5.1 (a) | HT213823 https://support.apple.com/kb/HT213823 |
| Patch |
macOS Ventura 13.4.1 (a) | HT213825 https://support.apple.com/kb/HT213825 |
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 11 July 2023 3:42 pm