CVE-2023-43010

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-43010
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/120300 Release Notes Vendor Advisory
https://support.apple.com/en-us/120877 Release Notes Vendor Advisory
https://support.apple.com/en-us/120879 Release Notes Vendor Advisory
https://support.apple.com/en-us/126632 Release Notes Vendor Advisory
https://support.apple.com/en-us/126646 Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2026/Mar/1 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
History

25 Mar 2026, 18:45

Type Values Removed Values Added
CWE CWE-787
First Time Apple iphone Os
Apple safari
Apple ipados
Apple
Apple macos
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
References () https://support.apple.com/en-us/120300 - () https://support.apple.com/en-us/120300 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/120877 - () https://support.apple.com/en-us/120877 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/120879 - () https://support.apple.com/en-us/120879 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/126632 - () https://support.apple.com/en-us/126632 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/126646 - () https://support.apple.com/en-us/126646 - Release Notes, Vendor Advisory
References () http://seclists.org/fulldisclosure/2026/Mar/1 - () http://seclists.org/fulldisclosure/2026/Mar/1 - Release Notes, Vendor Advisory

13 Mar 2026, 19:53

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2026/Mar/1 -

12 Mar 2026, 21:07

Type Values Removed Values Added
Summary
  • (es) El problema se abordó con un manejo de memoria mejorado. Este problema se solucionó en iOS 17.2 y iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 y iPadOS 16.7.15, iOS 15.8.7 y iPadOS 15.8.7. El procesamiento de contenido web diseñado maliciosamente puede provocar corrupción de memoria.

12 Mar 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8

12 Mar 2026, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-12 01:15

Updated : 2026-03-25 18:45

NVD link : CVE-2023-43010

Mitre link : CVE-2023-43010

CVE.ORG link : CVE-2023-43010

JSON object : View

Products Affected

apple

  • safari
  • iphone_os
  • ipados
  • macos
CWE
CWE-787

Out-of-bounds Write