PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-2373 Apple CVE debrief

CVE-2017-2373 is a high-severity WebKit memory corruption vulnerability affecting Apple platforms and browser components. According to the CVE record, a crafted website could trigger remote code execution or a denial of service through application crash. The affected Apple versions listed in the record are iOS before 10.2.1, Safari before 10.0.3, and tvOS before 10.1.1. The NVD record also lists WebKitGTK+ as affected up to 2.16.3, so defenders should verify the exact component exposure in their environment before relying only on platform branding.

Vendor: Apple
Product: CVE-2017-2373
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-20
Original CVE updated: 2026-05-13
Advisory published: 2017-02-20
Advisory updated: 2026-05-13

Who should care

Apple device users, endpoint and fleet administrators, browser security teams, and anyone responsible for iOS, Safari, tvOS, or WebKit-based deployments should prioritize this issue. It is especially relevant where users routinely browse untrusted websites or where devices are not promptly updated.

Technical summary

The CVE describes a WebKit memory corruption flaw classified by NVD as CWE-119. The attack vector is network-based and requires user interaction, consistent with visiting a crafted website. NVD assigns CVSS 3.0 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting the potential for remote code execution as well as crash/denial-of-service impact. The source corpus points to Apple vendor advisories and a public exploit reference in the metadata, but no exploit details are included here.

Defensive priority

High. This is a remotely reachable browser/component flaw with confidentiality, integrity, and availability impact, and it affects widely deployed Apple client software. Patch quickly and treat untrusted web content as the primary exposure path.

Recommended defensive actions

  • Update affected Apple devices and browsers to versions at or above iOS 10.2.1, Safari 10.0.3, and tvOS 10.1.1, as listed in the CVE record.
  • Confirm whether any WebKitGTK+ deployments in your environment are at or below 2.16.3 and update them if applicable.
  • Prioritize remediation on devices that regularly browse untrusted content or are exposed to general web traffic.
  • Use the linked Apple vendor advisories to verify the exact fixed releases for each affected platform before scheduling changes.
  • Monitor fleet compliance and remove or isolate unsupported devices that cannot be updated.
  • Treat the public reference to an exploit in the source metadata as a sign to accelerate patching, while avoiding reliance on unverified exploit claims.
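To turn the version checks in this list into a repeatable fleet query, here is an added Python example (not PatchSiren's code). The host names, inventory rows and the product-name normalization are assumptions; the bounds come from the record above, with the WebKitGTK+ bound treated as inclusive because the NVD listing says "up to 2.16.3".

```python
# Added example: flag inventory entries still inside the affected ranges
# stated in the CVE/NVD record for CVE-2017-2373. Sample rows are constructed.
from typing import Dict, List, Tuple

# Upper bound of the affected range and whether that bound itself is still
# affected: "before X" -> exclusive (X is the fixed release),
# "up to X" -> inclusive (X is still affected).
AFFECTED_UPPER_BOUND = {
    "ios":       ("10.2.1", False),
    "safari":    ("10.0.3", False),
    "tvos":      ("10.1.1", False),
    "webkitgtk": ("2.16.3", True),
}

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '10.2.1' into (10, 2, 1); non-numeric suffixes are dropped."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)

def is_affected(product: str, version: str) -> bool:
    """True if product/version lies inside the affected range."""
    key = product.lower().replace("+", "").replace(" ", "")  # assumed naming
    if key not in AFFECTED_UPPER_BOUND:
        return False  # component not named in the record; verify separately
    bound, inclusive = AFFECTED_UPPER_BOUND[key]
    v, b = parse_version(version), parse_version(bound)
    n = max(len(v), len(b))  # pad so 10.2 compares as 10.2.0
    v += (0,) * (n - len(v))
    b += (0,) * (n - len(b))
    return v <= b if inclusive else v < b

def find_unpatched(inventory: List[Dict[str, str]]) -> List[str]:
    """Return host names whose recorded product/version is still affected."""
    return [row["host"] for row in inventory
            if is_affected(row["product"], row["version"])]

# Constructed sample inventory (hypothetical hosts, not real fleet data)
SAMPLE_INVENTORY = [
    {"host": "ipad-01",  "product": "iOS",        "version": "10.2"},
    {"host": "mac-07",   "product": "Safari",     "version": "10.0.3"},
    {"host": "tv-lobby", "product": "tvOS",       "version": "10.1"},
    {"host": "kiosk-03", "product": "WebKitGTK+", "version": "2.16.3"},
    {"host": "kiosk-04", "product": "WebKitGTK+", "version": "2.16.4"},
]
```

Running `find_unpatched(SAMPLE_INVENTORY)` on the sample rows returns the three hosts still inside an affected range; feed it your real inventory export instead.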

Evidence notes

All impact statements are taken from the supplied CVE description and NVD metadata. The CVE record says the issue affects iOS before 10.2.1, Safari before 10.0.3, and tvOS before 10.1.1. NVD classifies the weakness as CWE-119 and provides CVSS v3.0 8.8 with vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. NVD references Apple vendor advisories and a public exploit reference. The 2026-05-13 modified timestamp is a record update date, not the vulnerability disclosure date.

Official resources

CVE published on 2017-02-20. The supplied 2026-05-13 timestamp is a later metadata modification date for the CVE record, not the original issue date.