Home

Description

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.

PUBLISHED Reserved 2023-06-12 | Published 2023-08-14 | Updated 2025-10-21 | Assigner apple

CISA Known Exploited Vulnerability

Date added 2025-10-20 | Due date 2025-11-10

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Problem types

Processing web content may lead to arbitrary code execution

Product status

Any version before 12.5
affected

Any version before 15.6
affected

Any version before 15.6
affected

Any version before 8.7
affected

Any version before 15.6
affected

References

support.apple.com/en-us/HT213345

support.apple.com/en-us/HT213342

support.apple.com/en-us/HT213341

support.apple.com/en-us/HT213340

support.apple.com/en-us/HT213346

cve.org (CVE-2022-48503)

nvd.nist.gov (CVE-2022-48503)

Download JSON