CISA adds iPhone bugs to its Known Exploited Vulnerabilities catalog
The three issues reside in the WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...The three issues reside in the WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...The company advises organizations to review their environments to confirm the threat actors did not spread to other devices on the network
Read More...All four security flaws received almost maximum severity ratings with CVSS base scores of 9.8/10
Read More...The security bugs were all found in the multi-platform WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...Impacted by multiple vulnerabilities that could enable attackers to upload arbitrary files on protected devices, steal user credentials, and allow children to bypass restrictions without the parents noticing
Read More...An unauthenticated attacker on the internet could use the vulnerability to coerce an Outlook client to connect to an attacker-controlled server
Read More...An attacker could exploit the bug via crafted arguments to existing commands, allowing them to execute unauthorized commands
Read More...A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges
Read More...Federal Civilian Executive Branch (FCEB) agencies are required to apply vendor-provided fixes by May 22, 2023, to secure their networks against these active threats
Read More...Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device
Read More...