Multiple vulnerabilities in WebKitGTK and WPE WebKit
| Risk | Critical |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2023-32409 CVE-2023-32423 CVE-2023-32402 |
| CWE-ID | CWE-119 CWE-125 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software |
WebKitGTK+ Server applications / Frameworks for developing and running applications WPE WebKit Server applications / Frameworks for developing and running applications |
| Vendor | WebKitGTK |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
Updated: 30.05.2023
Vulnerabilities #VU76312 (CVE-2023-32373) and #VU76310 (CVE-2023-28204) moved to a separate bulletin SB2023053065.
1) Buffer overflow
EUVDB-ID: #VU76311
Risk: Critical
CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2023-32409
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can trick the victim to visit a specially crafted web page, trigger memory corruption and break out of Web Content sandbox.
Note, the vulnerability is being actively exploited in the wild.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebKitGTK+: All versions
WPE WebKit: All versions
CPE2.3 External linkshttps://support.apple.com/en-us/HT213757
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Buffer overflow
EUVDB-ID: #VU76351
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-32423
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebKitGTK+: All versions
WPE WebKit: All versions
CPE2.3 External linkshttps://support.apple.com/en-us/HT213758
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU76350
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-32402
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in WebKit. A remote attacker can trick the victim to open a specially crafted website. trigger an out-of-bounds read error and read contents of memory on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebKitGTK+: All versions
WPE WebKit: All versions
CPE2.3 External linkshttps://support.apple.com/en-us/HT213758
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
