CVE-2023-41064
Published: 07 September 2023
Summary
CVE-2023-41064 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Apple macOS. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 0.6% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
A buffer overflow vulnerability, addressed through improved memory handling, affects image processing components in multiple Apple operating systems. Fixes shipped in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, and macOS Big Sur 11.7.10. The flaw, tracked as CVE-2023-41064 with a CVSS score of 7.8 and CWE-120, can be triggered by processing a maliciously crafted image and may result in arbitrary code execution.
An attacker can exploit the issue without privileges by supplying a crafted image file that a user opens or processes on an affected device. Successful exploitation grants the ability to execute arbitrary code with the privileges of the affected process, potentially compromising the system.
Apple security advisories detail fixes released in the listed OS versions and note that the company is aware of reports indicating the vulnerability may have been actively exploited in the wild. The associated EPSS score has reached a peak of 0.8990 with a current value of 0.8535.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-45585
Vulnerability details
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- CWE(s): CWE-120
- KEV Date Added: 11 September 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- Directly implements memory protections that prevent buffer overflows when processing untrusted image data.
- Requires prompt application of vendor patches that correct the insufficient memory handling in image-processing components.
- Mandates validation of image input formats and structures to reject malformed files before they reach vulnerable parsing routines.