⚠ Actively exploited

Added to CISA KEV on 2023-04-10. Federal agencies required to patch by 2023-05-01. Required action: Apply updates per vendor instructions..

CVE-2023-28205 — Use After Free in Apple IOS AND Ipados

CWE-416 — Use After Free37 documents14 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 78.93%

CISA KEV

KEV

Added 2023-04-10

Due 2023-05-01

Exploit

Exploited in wild

Active exploitation observed

Affected products

Apple IOS AND Ipados Apple Macos Apple Safari +3 more

Timeline

PublishedApr 10

KEV addedApr 10

KEV dueMay 1

Latest updateMar 11

CISA Required Action: Apply updates per vendor instructions.

Description

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages8 packages

▶NVDapple/ipados16.0 — 16.4.1+1

▶CVEListV5apple/ios_and_ipadosunspecified — 15.7+1

▶CVEListV5apple/macosunspecified — 13.3

▶NVDapple/macos< 13.3.1

▶CVEListV5apple/safariunspecified — 16.4

🔴Vulnerability Details

CVEList

CVE-2023-2203: A flaw was found in the WebKitGTK package↗2023-05-17

▶

GHSA

GHSA-6qjh-p74q-89mv: A use after free issue was addressed with improved memory management↗2023-04-10

▶

CVEList

CVE-2023-28205: A use after free issue was addressed with improved memory management↗2023-04-10

▶

OSV

CVE-2023-28205: A use after free issue was addressed with improved memory management↗2023-04-10

▶

VulnCheck

Apple Multiple Products WebKit Use-After-Free Vulnerability↗2023

▶

📋Vendor Advisories

Red Hat

webkitgtk: Regression of CVE-2023-28205 fixes in the Red Hat Enterprise Linux↗2023-05-09

▶

Ubuntu

WebKitGTK vulnerabilities↗2023-05-08

▶

Apple

CVE-2023-28205: iOS 15.7.5 and iPadOS 15.7.5↗2023-04-10

▶

CISA

Apple Multiple Products WebKit Use-After-Free Vulnerability↗2023-04-10

▶

Red Hat

WebKitGTK: use-after-free leads to arbitrary code execution↗2023-04-07

▶

🕵️Threat Intelligence

Bleepingcomputer

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks↗2025-03-11

▶

Bleepingcomputer

Apple fixes zero-day exploited in 'extremely sophisticated' attacks↗2025-02-10

▶

Bleepingcomputer

Apple fixes this year’s first actively exploited zero-day bug↗2025-01-27

▶

Bleepingcomputer

Apple fixes two zero-days used in attacks on Intel-based Macs↗2024-11-19

▶

Bleepingcomputer

Apple fixes first zero-day bug exploited in attacks this year↗2024-01-22

▶