ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·5/22/2023
CVE-2023-32409 added to CISA KEV: Apple Multiple Products
Status: ✅ Confirmed exploited in the wild
Date added: 2023-05-22
Required action: Apply updates per vendor instructions.
Due date: 2023-06-12
Why this matters
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.