Memory Handling Vulnerability in Apple Operating Systems
CVE-2023-23504

7.8HIGH

Key Information:

Vendor: Apple
Status: iOS and iPadOS; tvOS; macOS; watchOS
Vendor: CVE Published:; 27 February 2023

Summary

A memory handling issue in various Apple operating systems may allow an application to execute arbitrary code with kernel privileges. This vulnerability was addressed in recent updates, including macOS Monterey 12.6.3 and macOS Ventura 13.2, among others. Users are advised to update to the latest versions to mitigate potential risks associated with this security flaw.

Affected Version(s)

iOS and iPadOS < 16.3

iOS and iPadOS < 15.7

macOS < 13.2

References

https://support.apple.com/en-us/HT213606

https://support.apple.com/en-us/HT213601

https://support.apple.com/en-us/HT213598

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2023
Vulnerability Reserved
Jan 12, 2023