{"vulnerability": "CVE-2023-2351", "sightings": [{"uuid": "d8b4de01-3ebf-45f2-852b-fca1827fca79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23514", "type": "exploited", "source": "https://t.me/true_secator/4061", "content": "Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (1, 2) \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 0-day, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 iPhone, iPad \u0438 Mac.\n\nCVE-2023-23529 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u044b WebKit \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432: \n- iPhone 8 \u0438 \u043d\u043e\u0432\u0435\u0435,\n- iPad Pro (\u0432\u0441\u0435 \u043c\u043e\u0434\u0435\u043b\u0438), iPad Air 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, iPad 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 iPad mini 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435,\n- \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b Mac \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c macOS Ventura.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 iOS, iPadOS \u0438 macOS \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0431\u0430\u0433 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Safari 16.3.1 \u043d\u0430 macOS Big Sur \u0438 Monterey).\n\nApple \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 CVE-2023-23529, \u0443\u043b\u0443\u0447\u0448\u0438\u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432 iOS 16.3.1, iPadOS 16.3.1 \u0438 macOS Ventura 13.2.1. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b Apple \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-23514 \u0432 Mac \u0438 iPhone, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u041a\u0441\u0438\u043d\u0440\u0443 \u0427\u0438 \u0438\u0437 Pangu Lab \u0438 \u041d\u0435\u0434 \u0423\u0438\u043b\u044c\u044f\u043c\u0441\u043e\u043d \u0438\u0437 Google Project Zero.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0432\u043e\u0435\u0439 \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u043e\u0441\u0438\u043b\u0438 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440.\n\n\u0412\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0442\u0435\u0445\u043d\u0438\u043a\u0438 Apple \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-02-14T07:00:07.000000Z"}, {"uuid": "a9510a01-eefa-40bd-8bbd-c5fd777c705b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23512", "type": "seen", "source": "https://bsky.app/profile/sentrysecurity.bsky.social/post/3ll545osrjc2d", "content": "", "creation_timestamp": "2025-03-24T15:48:03.763519Z"}, {"uuid": "cf214246-e9de-4804-aa90-b7e2f217aa7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23514", "type": "seen", "source": "https://t.me/kasperskyb2b/455", "content": "\ud83c\udf4f \u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0443\u0442\u0440\u043e \u0441  \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 iOS/iPadOS/macOS.\n\n\u0421\u0440\u043e\u0447\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Apple \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0446\u0435\u043b\u044b\u0439 \u0440\u044f\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f. \u042d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Webkit, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (CVE-2023-23529). Apple \u0441\u043a\u0443\u043f\u0430 \u043d\u0430 \u0434\u0435\u0442\u0430\u043b\u0438, \u043d\u043e \u0441\u0443\u0434\u044f \u043f\u043e \u043f\u043e \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044f\u043c \u0432 \u0430\u0434\u0440\u0435\u0441 CitizenLab, \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0437\u0435\u0440\u043e\u0434\u0435\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e spyware \u0432\u0440\u043e\u0434\u0435 Pegasus. \u0414\u0440\u0443\u0433\u0430\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-23514) \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u044f\u0434\u0440\u0430. \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043d\u0430\u0448\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 Pangu Lab \u0438 Project Zero, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0432\u0441\u0435\u0445 iPhone, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 8-\u0433\u043e, iPad \u0441 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f, iPad Pro, \u0430 \u0442\u0430\u043a\u0436\u0435 macOS Ventura. \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2023-23522).", "creation_timestamp": "2023-02-14T07:35:46.000000Z"}, {"uuid": "0a1f1217-0ce8-4cff-9756-ee7598688639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23514", "type": "exploited", "source": "https://t.me/androidMalware/1780", "content": "1) CVE-2023-23529\nVulnerability in WebKit browser engine for iPhones and iPads once exploited could result in arbitrary code execution.\nThis zero-day flaw has been actively exploited in the wild.\n\n2) CVE-2023-23514\nAn app may be able to execute arbitrary code with kernel privileges affecting iPhones and iPads.\nhttps://support.apple.com/en-us/HT213635", "creation_timestamp": "2023-03-22T09:42:56.000000Z"}, {"uuid": "7829b673-13b3-465b-bf50-72a28110fd1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23514", "type": "seen", "source": "https://t.me/cibsecurity/59050", "content": "\u203c CVE-2023-23514 \u203c\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:05.000000Z"}, {"uuid": "6b6ec2c2-901f-4b31-a205-c90b50973389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23511", "type": "seen", "source": "https://t.me/cibsecurity/59059", "content": "\u203c CVE-2023-23511 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:15.000000Z"}, {"uuid": "3c3f098d-3bd4-4a58-8fae-840e451e5d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23512", "type": "seen", "source": "https://t.me/cibsecurity/59058", "content": "\u203c CVE-2023-23512 \u203c\n\nThe issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:14.000000Z"}, {"uuid": "8124c0bd-1603-47df-b1d9-f8cd5f4fc1de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23518", "type": "seen", "source": "https://t.me/cibsecurity/59057", "content": "\u203c CVE-2023-23518 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:13.000000Z"}, {"uuid": "24db0be3-a27b-4148-8e54-9846da9d1420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23513", "type": "seen", "source": "https://t.me/cibsecurity/59054", "content": "\u203c CVE-2023-23513 \u203c\n\nA buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:10.000000Z"}, {"uuid": "1632ed01-9713-4fa5-a9fc-39c96bde8cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23519", "type": "seen", "source": "https://t.me/cibsecurity/59053", "content": "\u203c CVE-2023-23519 \u203c\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing an image may lead to a denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:09.000000Z"}, {"uuid": "ae2c78ef-7178-4eef-8c46-6a1eaf9f75fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23510", "type": "seen", "source": "https://t.me/cibsecurity/59063", "content": "\u203c CVE-2023-23510 \u203c\n\nA permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user\u00e2\u20ac\u2122s Safari history.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:19.000000Z"}, {"uuid": "e9753035-4fc0-44e2-a305-03d2698384ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23517", "type": "seen", "source": "https://t.me/cibsecurity/59061", "content": "\u203c CVE-2023-23517 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:17.000000Z"}]}