Advisory 36

Impact: High

TLP Rating: Clear

CVE -2023-41991 – Apple Multiple Products Improper Certificate validation Vulnerability.

CVE -2023-41992 – Apple Multiple Products Kernel Privilege Escalation Vulnerability.

CVE -2023-41993 – Apple Multiple Products WebKit code Execution Vulnerability

Release Date 25th of September 2023

CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provide the following advisory of the above vulnerabilities.

On 26th of September 2023, CERT Vanuatu received an advisory from its collaborating partner, Cybersecurity Infrastructure Security Agency (CISA) on several Apple products with multiple vulnerabilities.

What is it?

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks.