CVE-2023-42873

EUVD-2023-47294
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
appleipad_os
𝑥
< 17.1
appleipad_os
16.0 ≤
𝑥
< 16.7.2
appleiphone_os
𝑥
< 17.1
appleiphone_os
16.0 ≤
𝑥
< 16.7.2
applemacos
12.0 ≤
𝑥
< 12.7.1
applemacos
13.0 ≤
𝑥
< 13.6.1
applemacos
14.0
appletvos
𝑥
< 17.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
appleipad_os
𝑥
< 16.7.1
ADP
appleipad_os
17.0 ≤
𝑥
< 17.1
ADP
appleiphone_os
𝑥
< 16.7
ADP
appleiphone_os
17.0 ≤
𝑥
< 17.1
ADP
applemacos
𝑥
< 12.7.1
ADP
applemacos
13.0 ≤
𝑥
< 13.6.1
ADP
applemacos
14.0 ≤
𝑥
< 14.1
ADP
appletvos
𝑥
< 17.1
ADP
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213987
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213987
https://support.apple.com/kb/HT213982
https://support.apple.com/kb/HT213983
https://support.apple.com/kb/HT213984
https://support.apple.com/kb/HT213987