CVE-2023-32434
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2023-32434. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1EPSS Score
v2025.03.14There is a 84.0% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
Available Exploits
Related News
Alfie CG has just published a write-up about a deterministic kernel exploit called Trigon that can't fail when used.
Affected Products
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply updates per vendor instructions.
Affected Product
Ransomware Risk
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: June 23, 2023, Modified: April 4, 2024