CVE-2023-41075

EUVD-2023-45596
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with kernel privileges.
Type Confusion
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
appleipados
15.0 ≤
𝑥
< 15.7.4
appleipados
16.0 ≤
𝑥
< 16.4
appleiphone_os
15.0 ≤
𝑥
< 15.7.4
appleiphone_os
16.0 ≤
𝑥
< 16.4
applemacos
11.0 ≤
𝑥
< 11.7.5
applemacos
12.0.0 ≤
𝑥
< 12.6.4
applemacos
13.0 ≤
𝑥
< 13.3
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
appleipados
15.0 ≤
𝑥
< 15.7.4
ADP
appleipados
16.0 ≤
𝑥
< 16.4
ADP
applemacos
11.0 ≤
𝑥
< 11.7.5
ADP
applemacos
12.0 ≤
𝑥
< 12.6.4
ADP
applemacos
13.0 ≤
𝑥
< 13.3
ADP
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213677
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213677