High severity8.8CISA KEVNVD Advisory· Published Jan 23, 2024· Updated Apr 3, 2026

CVE-2024-23222

Description

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.

Affected products

Apple Inc./Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Range: <17.3
Apple Inc./Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Range: <15.8.7
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <15.8.7
Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: >=12.0,<12.7.3
Apple Inc./tvOS
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Range: <17.3
Apple Inc./Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Range: <1.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2024/Feb/6nvdThird Party Advisory
seclists.org/fulldisclosure/2024/Jan/34nvdThird Party Advisory
seclists.org/fulldisclosure/2024/Jan/40nvdThird Party Advisory
support.apple.com/en-us/118479nvdRelease NotesVendor Advisory
support.apple.com/en-us/120304nvdRelease NotesVendor Advisory
support.apple.com/en-us/120305nvdRelease NotesVendor Advisory
support.apple.com/en-us/120307nvdRelease NotesVendor Advisory
support.apple.com/en-us/120309nvdRelease NotesVendor Advisory
support.apple.com/en-us/120310nvdRelease NotesVendor Advisory
support.apple.com/en-us/120311nvdRelease NotesVendor Advisory
support.apple.com/en-us/120339nvdRelease NotesVendor Advisory
support.apple.com/en-us/126632nvdRelease NotesVendor Advisory
support.apple.com/en-us/HT214055nvdRelease NotesVendor Advisory
support.apple.com/en-us/HT214059nvdRelease NotesVendor Advisory
support.apple.com/en-us/HT214061nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214055nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214056nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214057nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214058nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214059nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214061nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214063nvdRelease NotesVendor Advisory
support.apple.com/kb/HT214070nvdRelease NotesVendor Advisory
lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/nvdBroken Link
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000