CVE-2023-32366

EUVD-2023-36610
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. Processing a font file may lead to arbitrary code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 15.7.4
appleipados
16.0 ≤
𝑥
< 16.4
appleiphone_os
𝑥
< 15.7.4
appleiphone_os
16.0 ≤
𝑥
< 16.4
applemacos
𝑥
< 11.7.5
applemacos
12.0.0 ≤
𝑥
< 12.6.4
applemacos
13.0 ≤
𝑥
< 13.3
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
appleipados
𝑥
< 15.7.4
ADP
appleipados
16.0 ≤
𝑥
< 16.4
ADP
applemacos
𝑥
< 11.7.5
ADP
applemacos
12.0 ≤
𝑥
< 12.6.4
ADP
applemacos
13.0 ≤
𝑥
< 13.3
ADP
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213677
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213677