Unauthorized Access Vulnerability in Apple’s macOS and iOS Products
CVE-2023-42872

5.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS and iPadOS; macOS
Vendor: CVE Published:; 10 January 2024

Summary

An issue affecting Apple’s operating systems allows unauthorized applications to potentially access sensitive user data. This vulnerability has been resolved with the introduction of additional permissions checks in macOS Sonoma 14, iOS 17, and iPadOS 17. Users are encouraged to update their devices to the latest versions to ensure their data remains protected, as adhering to updated security measures is crucial in safeguarding personal information.

Affected Version(s)

iOS and iPadOS < 17

macOS < 14

References

https://support.apple.com/en-us/HT213938

https://support.apple.com/en-us/HT213940

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Sep 14, 2023