ByteOS Network

NVD Vulnerability Details :

CVE-2023-32434

Analyzed

Source-product-security@apple.com

View Known Exploited Vulnerability (KEV) details

Published At-23 Jun, 2023 | 18:15

Updated At-23 Oct, 2025 | 18:48

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2023-06-23	2023-07-14	Apple Multiple Products Integer Overflow Vulnerability	Apply updates per vendor instructions.

Date Added: 2023-06-23

Due Date: 2023-07-14

Vulnerability Name: Apple Multiple Products Integer Overflow Vulnerability

Required Action: Apply updates per vendor instructions.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CPE Matches

Apple Inc.

>>ipados>>Versions before 15.7.7(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Apple Inc.

>>ipados>>Versions from 16.0(inclusive) to 16.5.1(exclusive)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions before 15.7.7(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions from 16.0(inclusive) to 16.5.1(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions from 11.0(inclusive) to 11.7.8(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions from 12.0.0(inclusive) to 12.6.7(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions from 13.0(inclusive) to 13.4.1(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>watchos>>Versions before 8.8.1(exclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Apple Inc.

>>watchos>>Versions from 9.0(inclusive) to 9.5.2(exclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-190	Primary	nvd@nist.gov
CWE-190	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-190

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-190

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
http://seclists.org/fulldisclosure/2023/Oct/20	product-security@apple.com	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213808	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213809	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213810	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213811	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213812	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213813	product-security@apple.com	Vendor Advisory
https://support.apple.com/en-us/HT213814	product-security@apple.com	Vendor Advisory
https://support.apple.com/kb/HT213990	product-security@apple.com	Vendor Advisory
http://seclists.org/fulldisclosure/2023/Oct/20	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213808	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213809	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213810	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213811	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213812	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213813	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/en-us/HT213814	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://support.apple.com/kb/HT213990	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32434	134c704f-9b21-4f2e-91b3-4a467353bcc0	US Government Resource