Memory Handling Flaw in Apple Operating Systems
CVE-2023-42914

6.3MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS; TV OS; Watch OS
Vendor: CVE Published:; 12 December 2023

What is CVE-2023-42914?

A vulnerability has been identified in Apple’s operating systems that could allow applications to break out of their designated sandbox. This issue stems from improper memory handling, potentially leading to unauthorized access to system resources. It impacts various versions of macOS, iOS, iPadOS, watchOS, and tvOS, prompting users to update their devices to the latest software versions to mitigate associated risks.

Affected Version(s)

iOS and iPadOS < 17.2

iOS and iPadOS < 16.7

macOS < 13.6

References

https://support.apple.com/en-us/HT214035

https://support.apple.com/en-us/HT214034

https://support.apple.com/en-us/HT214038

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2023
Vulnerability Reserved
Sep 14, 2023