A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CISA Catalog
Date Added
Due Date
Vulnerability Name
Required Action
2023-09-11
2023-10-02
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Date Added: 2023-09-11
Due Date: 2023-10-02
Vulnerability Name: Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.