CVE-2023-32373

Severity: High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 23 June 2023
Modified: 23 October 2025
KEV Added: 22 May 2023
CVSS Score (v3.1): 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0004 (12.4th percentile)
Risk Priority: 38 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-32373 is a high-severity use-after-free (CWE-416) vulnerability in Red Hat Enterprise Linux. Its CVSS v3.1 base score is 8.8 (High).

Operationally, it is ranked at the 12.4th percentile by exploit likelihood (below the median), yet CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2023-32373 is a use-after-free vulnerability addressed through improved memory management in Apple's web content processing components. It affects watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, and iOS 16.5 and iPadOS 16.5.

An attacker can exploit the flaw by supplying maliciously crafted web content that a user processes in a vulnerable browser or system component, resulting in arbitrary code execution with high impact on confidentiality, integrity, and availability.

Apple security advisories HT213757, HT213758, HT213761, and HT213762 state that the issue is resolved in the listed updated releases and advise users to apply those patches. A related Gentoo Linux security advisory, GLSA-202401-04, provides distribution-specific update guidance.

Apple has stated it is aware of reports indicating the vulnerability may have been actively exploited in the wild. The current EPSS score remains low at 0.0004.

Vulnerability details

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CWE(s): CWE-416 (Use After Free)
KEV Date Added: 22 May 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets (vendor, product, versions)

apple, safari: ≤ 16.5
apple, ipados: ≤ 15.7.6 · 16.0 — 16.5
apple, iphone os: 15.0 — 15.7.6 · 16.0 — 16.5
apple, macos: ≤ 13.4
apple, tvos: ≤ 16.5
apple, watchos: ≤ 9.5
redhat, enterprise linux: 6.0, 7.0, 8.0, 9.0
webkitgtk, webkitgtk+: ≤ 2.42.3

Mitigating Controls (NIST 800-53 r5)

SI-16 Memory Protection (prevent)

Directly enforces memory protections that prevent use-after-free conditions during web-content processing.

SI-2 Flaw Remediation (prevent)

Requires timely application of vendor patches that correct the memory-management flaw in affected Apple components.

SC-18 Mobile Code (prevent, partial match)

Restricts or sandbox-executes mobile code (web content) to reduce the attack surface for crafted inputs that trigger the flaw.