You are currently viewing Apple Fixes Multiple Security Vulnerabilities Including Three Zero-day Exploits!

Apple Fixes Multiple Security Vulnerabilities Including Three Zero-day Exploits!

  • Post author:
  • Reading time:29 mins read

Apple fixes multiple security vulnerabilities for various products in the Apple Security Updates in May 2023.

A total of 59 vulnerabilities were fixed in five products. This includes three zero-day vulnerabilities discovered in the multi-platform WebKit browser engine and exploited to hack a large number of devices as the bug affects both older and newer models of iPhones and Macs.

The security patches for MacOS (macOS Big Sur, macOS Big Monterey, and macOS Ventura) fix 54 vulnerabilities. However, these vulnerabilities have multiple impacts on successful exploitation. Therefore, an attacker can use it to cause a denial of service, disclose information, execute arbitrary code, bypass privacy preferences, or compromise security. It is essential for laptops like macs to have a fast scanning vulnerability management tool.

Apple Fixes Multiple Security Vulnerabilities in Apple Safari, preventing information disclosure and arbitrary code execution.

The security patch released for iOS and iPadOS fixes 44 vulnerabilities in total. Surprisingly, attackers can exploit these flaws to cause a denial of service, disclose information, execute arbitrary code, or bypass privacy preferences.

WatchOS has 32 vulnerabilities patched, which could allow attackers to disclose information, execute arbitrary code, or bypass privacy preferences.

In the tvOS, Apple Fixes Multiple Security Vulnerabilities, 28 vulnerabilities were fixed that could lead to data disclosure, arbitrary code execution, or privacy bypasses.


Apple Fixes Multiple Security Vulnerabilities with these Updates Summary (May 18, 2023):

1. Safari

Affected OS: macOS Big Sur and macOS Monterey

Affected features: WebKit

Impact: Information Disclosure and Arbitrary Code Execution

CVEs: CVE-2023-32402, CVE-2023-32423, CVE-2023-32409, CVE-2023-28204, CVE-2023-32373


Apple fixes vulnerabilities for all versions of macOS,

2. macOS

* macOS Ventura

Affected OS: macOS Ventura before 13.4

Affected features: Kernel, Accessibility, AppleMobileFileIntegrity, Associated Domains, Contacts, Core Location, CoreServices, CUPS, dcerpc, DesktopServices, GeoServices, ImageIO, IOSurface, IOSurfaceAccelerator, LaunchServices, libxpc, Metal, Model I/O, NetworkExtension, PackageKit, PDFKit, Perl, Photos, Sandbox, Screen Saver, Security, Shell, Shortcuts, Siri, SQLite, StorageKit, System Settings, Telephony, TV App, Weather, WebKit, and Wi-Fi

Impact: Denial of Service, Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, Security Bypass, and so on

CVEs: CVE-2023-27930, CVE-2023-27940, CVE-2023-28191, CVE-2023-28202, CVE-2023-28204, CVE-2023-32352, CVE-2023-32355, CVE-2023-32357, CVE-2023-32360, CVE-2023-32363, CVE-2023-32367, CVE-2023-32368, CVE-2023-32369, CVE-2023-32371, CVE-2023-32372, CVE-2023-32373, CVE-2023-32375, CVE-2023-32376, CVE-2023-32380, CVE-2023-32382, CVE-2023-32384, CVE-2023-32385, CVE-2023-32386, CVE-2023-32387, CVE-2023-32388, CVE-2023-32389, CVE-2023-32390, CVE-2023-32391, CVE-2023-32392, CVE-2023-32394, CVE-2023-32395, CVE-2023-32397, CVE-2023-32398, CVE-2023-32399, CVE-2023-32400, CVE-2023-32402, CVE-2023-32403, CVE-2023-32404, CVE-2023-32405, CVE-2023-32407, CVE-2023-32408, CVE-2023-32409, CVE-2023-32410, CVE-2023-32411, CVE-2023-32412, CVE-2023-32413, CVE-2023-32414, CVE-2023-32415, CVE-2023-32420, CVE-2023-32422, CVE-2023-32423

* macOS Monterey

Affected OS: macOS Monterey before 12.6.6

Affected features: Accessibility, AppleEvents, AppleMobileFileIntegrity, Contacts, CUPS, dcerpc, GeoServices, Dev Tools, ImageIO, IOSurface, Kernel, LaunchServices, libxpc, Metal, Model I/O, NetworkExtension, PackageKit, Perl, Sandbox, Shell, Telephony, and TV App

Impact: Denial of Service, Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, Security Bypass, and so on

CVEs: CVE-2023-23535, CVE-2023-27940, CVE-2023-27945, CVE-2023-28191, CVE-2023-32352, CVE-2023-32355, CVE-2023-32357, CVE-2023-32360, CVE-2023-32368, CVE-2023-32369, CVE-2023-32375, CVE-2023-32380, CVE-2023-32382, CVE-2023-32384, CVE-2023-32386, CVE-2023-32387, CVE-2023-32388, CVE-2023-32392, CVE-2023-32395, CVE-2023-32397, CVE-2023-32398, CVE-2023-32403, CVE-2023-32405, CVE-2023-32407, CVE-2023-32408, CVE-2023-32410, CVE-2023-32411, CVE-2023-32412, CVE-2023-32413

* macOS Big Sur

Affected OS: macOS Big Sur before 11.7.7

Affected features: Accessibility, AppleEvents, AppleMobileFileIntegrity, Contacts, CoreCapture, CUPS, GeoServices, Dev Tools, dcerpc, ImageIO, IOSurface, Kernel, LaunchServices, libxpc, Metal, Model I/O, NetworkExtension, PackageKit, Perl, Sandbox, Shell, and Telephony

Impact: Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, Security Bypass, and so on

CVEs: CVE-2023-27945, CVE-2023-28181, CVE-2023-28191, CVE-2023-32352, CVE-2023-32355, CVE-2023-32357, CVE-2023-32360, CVE-2023-32369, CVE-2023-32380, CVE-2023-32382, CVE-2023-32384, CVE-2023-32386, CVE-2023-32387, CVE-2023-32388, CVE-2023-32392, CVE-2023-32395, CVE-2023-32397, CVE-2023-32398, CVE-2023-32403, CVE-2023-32405, CVE-2023-32407, CVE-2023-32410, CVE-2023-32411, CVE-2023-32412, CVE-2023-32413


Apple Fixes Multiple Security Vulnerabilities for major of iOS,

3. iOS and iPadOS

* iOS 15.7.4 and iPadOS 15.7.4

Affected OS: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), iPod touch (7th generation), iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)

Affected features: Accessibility, Apple Neural Engine, CoreCapture, ImageIO, IOSurface, Kernel, Metal, NetworkExtension, Photos, Shell, Shortcuts, Telephony, TV App, and WebKit

Impact: Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, and so on

CVEs: CVE-2023-32388, CVE-2023-23532, CVE-2023-28181, CVE-2023-32384, CVE-2023-32410, CVE-2023-27940, CVE-2023-32413, CVE-2023-32398, CVE-2023-32407, CVE-2023-32403, CVE-2023-32365, CVE-2023-32397, CVE-2023-32391, CVE-2023-32412, CVE-2023-32408, CVE-2023-28204, CVE-2023-32373

* iOS 16.4 and iPadOS 16.4

Affected OS: iPhone 8 and later, iPhone X, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Affected features: Accessibility, AppleMobileFileIntegrity, Associated Domains, Cellular, Core Location, CoreServices, GeoServices, ImageIO, IOSurfaceAccelerator, Kernel, LaunchServices, Metal, Model I/O, NetworkExtension, PDFKit, Photos, Sandbox, Security, Shortcuts, Siri, SQLite, StorageKit, System Settings, Telephony, TV App, Weather, WebKit, and Wi-Fi

Impact: Denial of Service, Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, and so on

CVEs: CVE-2023-27930, CVE-2023-28191, CVE-2023-28202, CVE-2023-28204, CVE-2023-32352, CVE-2023-32354, CVE-2023-32357, CVE-2023-32365, CVE-2023-32367, CVE-2023-32368, CVE-2023-32371, CVE-2023-32372, CVE-2023-32373, CVE-2023-32376, CVE-2023-32384, CVE-2023-32385, CVE-2023-32388, CVE-2023-32389, CVE-2023-32390, CVE-2023-32391, CVE-2023-32392, CVE-2023-32394, CVE-2023-32398, CVE-2023-32399, CVE-2023-32400, CVE-2023-32402, CVE-2023-32403, CVE-2023-32404, CVE-2023-32407, CVE-2023-32408, CVE-2023-32409, CVE-2023-32411, CVE-2023-32412, CVE-2023-32413, CVE-2023-32415, CVE-2023-32419, CVE-2023-32420, CVE-2023-32422, CVE-2023-32423


Apple Fixes Multiple Security Vulnerabilities including watchOS and tvOS too,

4. watchOS

Affected OS: Apple Watch Series 4 and later

Affected features: Accessibility, Core Location, CoreServices, Face Gallery, GeoServices, ImageIO, IOSurfaceAccelerator, Kernel, LaunchServices, Metal, Model I/O, NetworkExtension, Photos, Sandbox, Shortcuts, Siri, StorageKit, System Settings, Telephony, TV App, WebKit, and Wi-Fi

Impact: Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, and so on

CVEs: CVE-2023-27930, CVE-2023-28191, CVE-2023-28202, CVE-2023-28204, CVE-2023-32352, CVE-2023-32354, CVE-2023-32357, CVE-2023-32368, CVE-2023-32372, CVE-2023-32373, CVE-2023-32376, CVE-2023-32384, CVE-2023-32388, CVE-2023-32389, CVE-2023-32390, CVE-2023-32391, CVE-2023-32392, CVE-2023-32394, CVE-2023-32398, CVE-2023-32399, CVE-2023-32400, CVE-2023-32402, CVE-2023-32403, CVE-2023-32404, CVE-2023-32407, CVE-2023-32408, CVE-2023-32409, CVE-2023-32412, CVE-2023-32413, CVE-2023-32417, CVE-2023-32420, CVE-2023-32423


5. tvOS

Affected OS: Apple TV 4K (all models) and Apple TV HD

Affected features: AppleMobileFileIntegrity, Core Location, CoreServices, GeoServices, IOSurfaceAccelerator, Kernel, Metal, Model I/O, NetworkExtension, Sandbox, Siri, StorageKit, SQLite, System Settings, Telephony, TV App, WebKit, and Wi-Fi

Impact: Information Disclosure, Arbitrary Code Execution, Bypass of Privacy Preferences, and so on

CVEs: CVE-2023-27930, CVE-2023-28191, CVE-2023-28202, CVE-2023-28204, CVE-2023-32354, CVE-2023-32357, CVE-2023-32368, CVE-2023-32372, CVE-2023-32373, CVE-2023-32376, CVE-2023-32384, CVE-2023-32389, CVE-2023-32392, CVE-2023-32394, CVE-2023-32398, CVE-2023-32399, CVE-2023-32402, CVE-2023-32403, CVE-2023-32407, CVE-2023-32408, CVE-2023-32409, CVE-2023-32411, CVE-2023-32412, CVE-2023-32413, CVE-2023-32415, CVE-2023-32420, CVE-2023-32422, CVE-2023-32423

This is how Apple Fixes Multiple Security Vulnerabilities

However, SanerNow VM and SanerNow PM can detect and automatically fix these vulnerabilities by applying security updates. To emphasize, use SanerNow and keep your systems updated and secure.