Unauthorized Access Vulnerability in Apple's Operating Systems
CVE-2023-38612

3.3LOW

Key Information:

Vendor: Apple
Status: iOS and iPadOS; macOS
Vendor: CVE Published:; 10 January 2024

Summary

A security vulnerability in Apple's operating systems allows unauthorized applications to access protected user data. This issue arises from insufficient checks and has been patched in several versions, including macOS Monterey, iOS, and iPadOS. Users are encouraged to update their devices to the latest versions to mitigate potential risks associated with this vulnerability.

Affected Version(s)

iOS and iPadOS < 17

iOS and iPadOS < 16.7

macOS < 12.7

References

https://support.apple.com/en-us/HT213938

https://support.apple.com/en-us/HT213932

https://support.apple.com/en-us/HT213927

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Jul 20, 2023