Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
September 22, 2023Rewterz Threat Advisory – CVE-2023-41993 – Apple Safari WebKit Vulnerability
September 22, 2023Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
September 22, 2023Rewterz Threat Advisory – CVE-2023-41993 – Apple Safari WebKit Vulnerability
September 22, 2023Severity
Medium
Analysis Summary
CVE-2023-41991
Apple watchOS, macOS Ventura, iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a certificate validation issue in the Security component. By using a specially crafted application, an attacker could exploit this vulnerability to bypass signature validation.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-41991
Affected Vendors
Apple
Affected Products
- Apple watchOS 9.6.2
- Apple macOS Ventura 13.5.0
- Apple iPadOS 16.6.0
- Apple iOS 16.6.0
Remediation
Refer to Apple security document for patch, upgrade or suggested workaround information.