Memory Handling Flaw in Apple Products
CVE-2023-42871

7.8HIGH

Key Information:

Vendor: Apple
Status: iOS and iPadOS; macOS
Vendor: CVE Published:; 10 January 2024

Summary

A memory handling flaw exists in specific Apple operating systems, which may permit an application to execute arbitrary code with kernel privileges. This vulnerability has been addressed in macOS Sonoma 14, iOS 17, and iPadOS 17. Users and administrators are urged to upgrade to the latest versions to mitigate any potential risks associated with this memory handling issue.

Affected Version(s)

iOS and iPadOS < 17

macOS < 14

References

https://support.apple.com/en-us/HT213938

https://support.apple.com/en-us/HT213940

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Sep 14, 2023