May 21, 2023

Apple Patches Three Zero-Day Vulnerabilities

Apple has addressed three zero-days vulnerabilities in macOS and additional products.

The Zero-day Vulnerabilities

• CVE-2023-28204 – Sandbox Escape Vulnerability. A remote threat actor can exploit this vulnerability to break out of web content sandboxes.
• CVE-2023-32409, CVE-2023-32373 – Out-Of-Bounds Read Vulnerabilities.
  A threat actor can exploit these vulnerabilities to gain access to sensitive information, and a use-after-free flaw, which permits arbitrary code execution.

Affected Products

• macOS Big Sur 11.7.7
• macOS Ventura 13.4
• macOS Monterey 12.6.6

Mitigation

CYREBRO recommends updating the relevant products.

References: Apple