CVE-2023-42952

EUVD-2023-47373
The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
appleipad_os
𝑥
< 17.1
appleiphone_os
𝑥
< 17.1
applemacos
12.0 ≤
𝑥
< 12.7.1
applemacos
13.0 ≤
𝑥
< 13.6.3
applemacos
14.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT214038
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT214038
https://support.apple.com/kb/HT213982
https://support.apple.com/kb/HT213984
https://support.apple.com/kb/HT214038