Get in Touch
Apple has released an update for iOS to address a remote code execution vulnerability in Safari which is being exploited in the wild.
The bug (CVE-2023-23529) is a type confusion issue with WebKit which also affects macOS Ventura.
Apple requires all browser vendors to use the WebKit rendering engine, meaning all browser apps for the device are affected.
Another bug (CVE-2023-23514) fixed in the latest iOS update would allow local privilege escalation.
Processing maliciously crafted web content may lead to arbitrary code execution.
An app may be able to execute arbitrary code with kernel privileges.
To see the current version on iOS go to
`Settings > General > About`
– iPhone 8 and later
– iPad Pro (all models)
– iPad Air 3rd generation and later
– iPad 5th generation and later
– iPad mini 5th generation and later
– macOS Ventura
– macOS Big Sur
– macOS Monterey
Containment, Mitigations & Remediations
Devices should be updated as soon as possible.
To update iOS go to
Settings > General > Software Update
This should either say “iOS is up to date” or give you the option to update.
Indicators of Compromise