CVE-2023-23523

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
appleipados
𝑥
< 16.4
appleiphone_os
𝑥
< 16.4
applemacos
𝑥
< 13.3
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213676