Primary

Context

Apple WebKit Arbitrary Code Execution Vulnerability

Vulnerability

Patched

A vulnerability in WebKit, the engine powering the Safari browser, allows for arbitrary code execution through the processing of web content. This issue affects multiple Apple platforms, including iOS, iPadOS, macOS, watchOS, and tvOS. The vulnerability arises from a use-after-free memory management error, which could potentially be exploited by attackers to execute malicious code on the affected device.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected device, allowing attackers to execute malicious code with the same privileges as the user.

Remediation

This vulnerability has been fixed in iOS 17, iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, and Safari 17.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Arbitrary Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple Safari

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating