NVD disclosure day

Published threat advisories for July 27, 2023

CVE advisoryKnown Exploit

CVE-2023-38606

Apple Kernel State Modification Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Apple operating systems allows an app to alter sensitive kernel state, potentially impacting system integrity. This local vulnerability requires an application to exploit and carries business risk due to potential data compromise. Organizations should apply vendor updates to affected Apple devices.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2023-37450

Apple WebKit Code Execution Vulnerability in Safari and iOS

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in how certain Apple products and Safari process web content could allow attackers to execute arbitrary code. Organizations face business risk if systems encounter malicious web content. Apple has addressed this issue in updated software.

NVD published: • CISA KEV