Asibul Hasan

Cyber Security Engineer

DevSecOps Engineer

Ethical Hacker

Blog Post

6 Critical Apple Vulnerabilities CISA Warns About

January 10, 2024 Hacking, News

CISA has issued a warning about six Apple vulnerabilities that have been added to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities could be exploited by attackers to gain remote code execution, steal sensitive data, or disrupt operations. The most severe vulnerability is CVE-2023-27524, which impacts Apache Superset and could enable remote code execution. CISA recommends that federal agencies apply fixes for these vulnerabilities by January 29, 2024.

What are the vulnerabilities?

The six vulnerabilities that CISA has added to its KEV catalog are:

  • CVE-2023-27524: A vulnerability in Apache Superset that could allow remote code execution.
  • CVE-2023-22965: A vulnerability in FreeIPA that could allow an attacker to gain root privileges.
  • CVE-2023-23008: A vulnerability in Foreman that could allow an attacker to gain root privileges.
  • CVE-2023-23009: A vulnerability in Foreman that could allow an attacker to gain root privileges.
  • CVE-2023-22971: A vulnerability in Foreman that could allow an attacker to gain root privileges.
  • CVE-2023-22972: A vulnerability in Foreman that could allow an attacker to gain root privileges.

What should I do?

CISA recommends that federal agencies apply fixes for these vulnerabilities by January 29, 2024. Apple has released patches for all of these vulnerabilities. You can download the patches from Apple’s website.
