{"api_version":"1","generated_at":"2026-04-23T06:44:23+00:00","cve":"CVE-2023-32434","urls":{"html":"https://cve.report/CVE-2023-32434","api":"https://cve.report/api/cve/CVE-2023-32434.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-32434","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-32434"},"summary":{"title":"Apple Multiple Products Integer Overflow Vulnerability","description":"An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2023-06-23 18:15:00","updated_at":"2023-10-25 23:15:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT213808","name":"https://support.apple.com/en-us/HT213808","refsource":"MISC","tags":[],"title":"About the security content of watchOS 8.8.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/20","name":"http://seclists.org/fulldisclosure/2023/Oct/20","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-10-25-2023-3 iOS 15.8 and iPadOS 15.8","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/4","name":"20230707 APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-2 iOS 16.5.1 and iPadOS 16.5.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213809","name":"https://support.apple.com/en-us/HT213809","refsource":"MISC","tags":[],"title":"About the security content of macOS Big Sur 11.7.8 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/5","name":"20230707 APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/10","name":"20230707 APPLE-SA-2023-06-21-8 watchOS 8.8.1","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-8 watchOS 8.8.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213990","name":"https://support.apple.com/kb/HT213990","refsource":"MISC","tags":[],"title":"About the security content of iOS 15.8 and iPadOS 15.8 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213811","name":"https://support.apple.com/en-us/HT213811","refsource":"MISC","tags":[],"title":"About the security content of iOS 15.7.7 and iPadOS 15.7.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/7","name":"20230707 APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-5 macOS Monterey 12.6.7","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/9","name":"20230707 APPLE-SA-2023-06-21-7 watchOS 9.5.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-7 watchOS 9.5.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213810","name":"https://support.apple.com/en-us/HT213810","refsource":"MISC","tags":[],"title":"About the security content of macOS Monterey 12.6.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/8","name":"20230707 APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-6 macOS Big Sur 11.7.8","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/6","name":"20230707 APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213812","name":"https://support.apple.com/en-us/HT213812","refsource":"MISC","tags":[],"title":"About the security content of watchOS 9.5.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213813","name":"https://support.apple.com/en-us/HT213813","refsource":"MISC","tags":[],"title":"About the security content of macOS Ventura 13.4.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213814","name":"https://support.apple.com/en-us/HT213814","refsource":"MISC","tags":[],"title":"About the security content of iOS 16.5.1 and iPadOS 16.5.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-32434","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32434","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"32434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2023","cve_id":"32434","cve":"CVE-2023-32434","vendorProject":"Apple","product":"Multiple Products","vulnerabilityName":"Apple Multiple Products Integer Overflow Vulnerability","dateAdded":"2023-06-23","shortDescription":"Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2023-07-14","knownRansomwareCampaignUse":"Unknown","notes":"https://support.apple.com/en-us/HT213808, https://support.apple.com/en-us/HT213812, https://support.apple.com/en-us/HT213809, https://support.apple.com/en-us/HT213810, https://support.apple.com/en-us/HT213813, https://support.apple.com/en-us/HT213811, https://support.apple.com/en-us/HT213814;  https://nvd.nist.gov/vuln/detail/CVE-2023-32434","cwes":"CWE-190","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2023","cve_id":"32434","cve":"CVE-2023-32434","epss":"0.582990000","percentile":"0.981990000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:16"},"legacy_qids":[{"cve":"CVE-2023-32434","qid":"378606","title":"Apple macOS Ventura 13.4.1 Not Installed (HT213813)"},{"cve":"CVE-2023-32434","qid":"378607","title":"Apple macOS Monterey 12.6.7 Not Installed (HT213810)"},{"cve":"CVE-2023-32434","qid":"378608","title":"Apple macOS Big Sur 11.7.8 Not Installed (HT213809)"},{"cve":"CVE-2023-32434","qid":"610489","title":"Apple iOS 16.5.1 and iPadOS 16.5.1 Security Update Missing (HT213814)"},{"cve":"CVE-2023-32434","qid":"610490","title":"Apple iOS 15.7.7 and iPadOS 15.7.7 Security Update Missing (HT213811)"},{"cve":"CVE-2023-32434","qid":"610522","title":"Apple iOS 15.8 and iPadOS 15.8 Security Update Missing (HT213990)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-32434","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"12.6"}]}},{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"15.7"}]}},{"product_name":"watchOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"8.8"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.apple.com/en-us/HT213810","refsource":"MISC","name":"https://support.apple.com/en-us/HT213810"},{"url":"https://support.apple.com/en-us/HT213811","refsource":"MISC","name":"https://support.apple.com/en-us/HT213811"},{"url":"https://support.apple.com/en-us/HT213814","refsource":"MISC","name":"https://support.apple.com/en-us/HT213814"},{"url":"https://support.apple.com/en-us/HT213808","refsource":"MISC","name":"https://support.apple.com/en-us/HT213808"},{"url":"https://support.apple.com/en-us/HT213812","refsource":"MISC","name":"https://support.apple.com/en-us/HT213812"},{"url":"https://support.apple.com/en-us/HT213813","refsource":"MISC","name":"https://support.apple.com/en-us/HT213813"},{"url":"https://support.apple.com/en-us/HT213809","refsource":"MISC","name":"https://support.apple.com/en-us/HT213809"},{"url":"https://support.apple.com/kb/HT213990","refsource":"MISC","name":"https://support.apple.com/kb/HT213990"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/20","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2023/Oct/20"}]}},"nvd":{"publishedDate":"2023-06-23 18:15:00","lastModifiedDate":"2023-10-25 23:15:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.5.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.5.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.4.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0","versionEndExcluding":"9.5.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"8.8.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndExcluding":"12.6.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.8","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}