A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
2023-09-07T18:15:07.617
2024-11-29T14:27:09.157
Analyzed
CVSSv3.1: 7.8 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | apple | ipados | < 16.6.1 | Yes |
Operating System | apple | iphone_os | < 16.6.1 | Yes |
Operating System | apple | watchos | < 9.6.2 | Yes |