CVE-2023-23543

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. A sandboxed app may be able to determine which app is currently using the camera.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
3.6 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
appleipados
𝑥
< 15.7.4
appleipados
16.0 ≤
𝑥
< 16.4
appleiphone_os
𝑥
< 15.7.4
appleiphone_os
16.0 ≤
𝑥
< 16.4
applemacos
𝑥
< 13.3
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213678
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213678