Cyber Resilience

CVE-2023-32434

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 23 June 2023
Modified: 23 October 2025
KEV Added: 23 June 2023
Patch: available
CVSS Score (v3.1): 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.5238 (98.0th percentile)
Risk Priority: 67 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-32434 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Apple macOS (and other Apple platforms listed below). Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 2.0% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

An integer overflow vulnerability, addressed through improved input validation, affects multiple Apple operating systems; the fix shipped in iOS 15.7.7 and iPadOS 15.7.7, iOS 16.5.1 and iPadOS 16.5.1, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2, and watchOS 8.8.1. The flaw carries a CVSS score of 7.8 and is tracked under CWE-190.

A local attacker with the ability to run an app on an affected device can exploit the issue to execute arbitrary code with kernel privileges. The attack requires user interaction to open a malicious application but needs no additional permissions beyond that.

Apple security advisories for the listed updates confirm that the patches resolve the integer overflow and recommend installing the fixed releases. The updates are available via the standard software update mechanisms on each platform.

Apple has stated that the vulnerability may have been actively exploited in the wild against iOS versions prior to 15.7. The associated EPSS score reached a peak of 0.6905 with a current value of 0.5238.


Vulnerability details

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

CWE(s): CWE-190 (Integer Overflow or Wraparound)
KEV Date Added: 23 June 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Apple iPadOS: ≤ 15.7.7 · 16.0 — 16.5.1
Apple iPhone OS (iOS): ≤ 15.7.7 · 16.0 — 16.5.1
Apple macOS: 11.0 — 11.7.8 · 12.0.0 — 12.6.7 · 13.0 — 13.4.1
Apple watchOS: ≤ 8.8.1 · 9.0 — 9.5.2

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)
Directly implements the improved input validation that Apple used to eliminate the integer overflow (CWE-190) before it can be triggered by a malicious app.

SI-2 Flaw Remediation (prevent)
Requires timely application of the vendor patches that close CVE-2023-32434 on all listed Apple platforms.

Malicious-code protection (prevent, detect)
Malicious-code protection mechanisms can block or detect the untrusted app used to trigger the kernel-level exploit.

References