What is CVE-2023-28206?

CVE-2023-28206 is a high-severity vulnerability in certain versions of macOS, iOS, and iPadOS. It involves an out-of-bounds write, potentially allowing an app to execute arbitrary code with kernel privileges. Apple has reported active exploitation of this vulnerability. Users should update their devices to the latest software versions to protect against this threat.

Who is impacted by CVE-2023-28206?

Specifically, those using iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later are impacted. The affected versions include iOS and iPadOS up to 15.7.5 and from 16.0 to 16.4.1, as well as macOS up to 11.7.6, from 12.0 to 12.6.5, and from 13.0 to 13.3.1.

What to do if CVE-2023-28206 affected you

If you're affected by the CVE-2023-28206 vulnerability, it's crucial to update your device to the latest software version. Follow these steps:

1. Go to your device's Settings app.

2. Select "General" or "System Preferences."

3. Tap on "Software Update."

4. Install the available update, such as iOS 16.4.1, iPadOS 16.4.1, or macOS 11.7.6, 12.6.5, or 13.3.1.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-28206 vulnerability, known as Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability, is indeed listed in CISA's Known Exploited Vulnerabilities Catalog.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-787, an out-of-bounds write issue affecting Apple's iOS, iPadOS, and macOS operating systems.

Learn More

For comprehensive information on its description, severity, technical details, and affected software configurations, consult the NVD page.

• NVD - CVE-2023-28206

• About the security content of iOS 16.4.1 and iPadOS 16.4.1 - Apple Support