logo

CVE-2023-41990 - Apple Multiple Products Code Execution Vulnerability

CVE-2023-41990

Apple | Multiple Products

  • Date Added:
  • 2024-01-08
  • Due Date:
  • 2024-01-29
Vulnerability Name

Apple Multiple Products Code Execution Vulnerability

Description

Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when processing a font file.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes
https://support.apple.com/en-us/HT213599, https://support.apple.com/en-us/HT213601, https://support.apple.com/en-us/HT213605, https://support.apple.com/en-us/HT213606, https://support.apple.com/en-us/HT213842, https://support.apple.com/en-us/HT213844, https://support.apple.com/en-us/HT213845 ; https://nvd.nist.gov/vuln/detail/CVE-2023-41990

Free online web security scanner