Memory Corruption Vulnerability in Apple macOS and iOS Products
CVE-2023-38610

7.1HIGH

Key Information:

Vendor: Apple
Status: iOS and iPadOS; macOS
Vendor: CVE Published:; 10 January 2024

Summary

A memory corruption issue has been identified in Apple’s operating systems, which could allow an application to unexpectedly terminate the system or manipulate kernel memory. Apple has addressed this vulnerability by removing the vulnerable code with the release of macOS Sonoma 14, iOS 17, and iPadOS 17. Users are encouraged to update their systems to ensure protection against potential exploitation.

Affected Version(s)

iOS and iPadOS < 17

macOS < 14

References

https://support.apple.com/en-us/HT213938

https://support.apple.com/en-us/HT213940

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Jul 20, 2023