Home / Threat Intelligence bulletins / iOS 16.3.1 fixes a vulnerability being exploited in the wild


Apple has released an update for iOS to address a remote code execution vulnerability in Safari which is being exploited in the wild.
The bug (CVE-2023-23529) is a type confusion issue with WebKit which also affects macOS Ventura.
Apple requires all browser vendors to use the WebKit rendering engine, meaning all browser apps for the device are affected.

Another bug (CVE-2023-23514) fixed in the latest iOS update would allow local privilege escalation.


Processing maliciously crafted web content may lead to arbitrary code execution.
An app may be able to execute arbitrary code with kernel privileges.

Vulnerability Detection

To see the current version on iOS go to
`Settings > General > About`

Affected Products

– iPhone 8 and later
– iPad Pro (all models)
– iPad Air 3rd generation and later
– iPad 5th generation and later
– iPad mini 5th generation and later

– macOS Ventura
– macOS Big Sur
– macOS Monterey

Containment, Mitigations & Remediations

Devices should be updated as soon as possible.

To update iOS go to
Settings > General > Software Update
This should either say “iOS is up to date” or give you the option to update.

Indicators of Compromise

None given.

Mitre Methodologies

T1404 – Exploitation for Privilege Escalation
T1456 – Drive-By Compromise

Further Information

About the security content of iOS 16.3.1 and iPadOS 16.3.1