Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Zero-Day Vulnerability in Apple Products
Alerts

Active Exploitation of Zero-Day Vulnerability in Apple Products

14 February 2023

Apple has released security updates to address a zero-day vulnerability (CVE-2023-23529) in their products. The vulnerability is a WebKit confusion issue and is reportedly being actively exploited.

Successful exploitation of the vulnerability could allow an attacker to perform arbitrary code execution on affected products.

The vulnerability affects the following products:

  • iPhone 6s (all models)

  • iPhone 7 (all models)

  • iPhone SE 1st generation 

  • iPad Air 2

  • iPad mini 4th generation 

  • iPod touch 7th generation

  • Macs running macOS Big Sur and macOS Monterey

 
Users of affected product versions are advised to update to the latest versions immediately.

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://support.apple.com/en-us/HT201222

https://www.bleepingcomputer.com/news/security/apple-fixes-new-webkit-zero-day-exploited-to-hack-iphones-macs/

https://support.apple.com/en-us/HT213673 

Back to top