Rewterz Threat Advisory – Multiple Apple macOS Ventura Vulnerabilities
September 27, 2023Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
September 27, 2023Rewterz Threat Advisory – Multiple Apple macOS Ventura Vulnerabilities
September 27, 2023Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
September 27, 2023Severity
High
Analysis Summary
CVE-2023-4056 CVSS: 8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2023-4057 CVSS: 8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-4056
- CVE-2023-4057
Affected Vendors
Mozilla
Affected Products
- Mozilla Firefox ESR 115.0.1
- Mozilla Firefox 115.0
- Mozilla Firefox ESR 102.13
Remediation
Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.