CVE-2023-41992 (GCVE-0-2023-41992)
Vulnerability from
Published
2023-09-21 18:23
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Summary
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:41.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213932"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213927"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213932"
},
{
"url": "https://support.apple.com/kb/HT213927"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41992",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T16:26:34.974088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41992"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:37.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41992"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-25T00:00:00+00:00",
"value": "CVE-2023-41992 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-10T22:03:38.115Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213932"
},
{
"url": "https://support.apple.com/en-us/HT213927"
},
{
"url": "https://support.apple.com/en-us/HT213931"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41992",
"datePublished": "2023-09-21T18:23:49.779Z",
"dateReserved": "2023-09-06T17:40:06.142Z",
"dateUpdated": "2025-11-04T19:21:41.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41991 (GCVE-0-2023-41991)
Vulnerability from
Published
2023-09-21 18:23
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Summary
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apple | iOS and iPadOS |
Version: unspecified < 16.7 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:39.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213927"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213927"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41991",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:13:21.191475Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41991"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:37.441Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41991"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-25T00:00:00+00:00",
"value": "CVE-2023-41991 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-10T22:03:18.435Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927"
},
{
"url": "https://support.apple.com/en-us/HT213931"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41991",
"datePublished": "2023-09-21T18:23:48.974Z",
"dateReserved": "2023-09-06T17:40:06.142Z",
"dateUpdated": "2025-11-04T19:21:39.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41987 (GCVE-0-2023-41987)
Vulnerability from
Published
2024-01-10 22:03
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to access sensitive user data
Summary
This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:37.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213940"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41987",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-19T17:34:55.334157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T16:09:11.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access sensitive user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-10T22:03:19.135Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41987",
"datePublished": "2024-01-10T22:03:19.135Z",
"dateReserved": "2023-09-06T17:40:06.141Z",
"dateUpdated": "2025-11-04T19:21:37.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41986 (GCVE-0-2023-41986)
Vulnerability from
Published
2023-09-26 20:12
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to modify protected parts of the file system
Summary
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to modify protected parts of the file system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apple | iOS and iPadOS |
Version: unspecified < 17 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:36.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "https://support.apple.com/kb/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213938"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T13:56:33.799912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T13:56:45.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to modify protected parts of the file system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to modify protected parts of the file system",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:09:45.938Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41986",
"datePublished": "2023-09-26T20:12:01.498Z",
"dateReserved": "2023-09-06T17:40:06.141Z",
"dateUpdated": "2025-11-04T19:21:36.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41984 (GCVE-0-2023-41984)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to execute arbitrary code with kernel privileges
Summary
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apple | iOS and iPadOS |
Version: unspecified < 17 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:34.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213932"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213927"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213936"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213937"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
},
{
"url": "https://support.apple.com/kb/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213932"
},
{
"url": "https://support.apple.com/kb/HT213927"
},
{
"url": "https://support.apple.com/kb/HT213938"
},
{
"url": "https://support.apple.com/kb/HT213937"
},
{
"url": "https://support.apple.com/kb/HT213936"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:apple:ios_and_ipados:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_and_ipados",
"vendor": "apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "macos",
"vendor": "apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "13.6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tvos",
"vendor": "apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:apple:watchos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "watchos",
"vendor": "apple",
"versions": [
{
"lessThan": "10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:19:05.086890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:26:06.636Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to execute arbitrary code with kernel privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:06:32.484Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213932"
},
{
"url": "https://support.apple.com/en-us/HT213927"
},
{
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "https://support.apple.com/en-us/HT213936"
},
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "https://support.apple.com/en-us/HT213937"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41984",
"datePublished": "2023-09-26T20:14:56.129Z",
"dateReserved": "2023-09-06T17:40:06.141Z",
"dateUpdated": "2025-11-04T19:21:34.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41981 (GCVE-0-2023-41981)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Summary
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213927"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213936"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213937"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/9"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
},
{
"url": "https://support.apple.com/kb/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213927"
},
{
"url": "https://support.apple.com/kb/HT213938"
},
{
"url": "https://support.apple.com/kb/HT213937"
},
{
"url": "https://support.apple.com/kb/HT213936"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T13:51:20.851071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T13:51:29.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:06:50.364Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213927"
},
{
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "https://support.apple.com/en-us/HT213936"
},
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "https://support.apple.com/en-us/HT213937"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/9"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41981",
"datePublished": "2023-09-26T20:14:39.091Z",
"dateReserved": "2023-09-06T17:40:06.139Z",
"dateUpdated": "2025-11-04T19:21:27.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41980 (GCVE-0-2023-41980)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to bypass Privacy preferences
Summary
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to bypass Privacy preferences.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apple | iOS and iPadOS |
Version: unspecified < 17 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:20.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "https://support.apple.com/kb/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213938"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:28:45.931589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:48:11.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to bypass Privacy preferences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to bypass Privacy preferences",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:09:52.966Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41980",
"datePublished": "2023-09-26T20:14:35.102Z",
"dateReserved": "2023-09-06T17:40:06.139Z",
"dateUpdated": "2025-11-04T19:21:20.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41979 (GCVE-0-2023-41979)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to modify protected parts of the file system
Summary
A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:18.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "https://support.apple.com/kb/HT213940"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:43:36.735176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:43:46.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to modify protected parts of the file system",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:12:31.733Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41979",
"datePublished": "2023-09-26T20:14:37.079Z",
"dateReserved": "2023-09-06T17:40:06.139Z",
"dateUpdated": "2025-11-04T19:21:18.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41968 (GCVE-0-2023-41968)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to read arbitrary files
Summary
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:16.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213932"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213936"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213940"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213937"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/9"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"url": "https://support.apple.com/kb/HT213940"
},
{
"url": "https://support.apple.com/kb/HT213932"
},
{
"url": "https://support.apple.com/kb/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213938"
},
{
"url": "https://support.apple.com/kb/HT213937"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:28:48.542792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:48:30.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to read arbitrary files",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:06:54.228Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213932"
},
{
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "https://support.apple.com/en-us/HT213936"
},
{
"url": "https://support.apple.com/en-us/HT213940"
},
{
"url": "https://support.apple.com/en-us/HT213937"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/10"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/9"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41968",
"datePublished": "2023-09-26T20:14:32.105Z",
"dateReserved": "2023-09-14T19:03:36.103Z",
"dateUpdated": "2025-11-04T19:21:16.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41232 (GCVE-0-2023-41232)
Vulnerability from
Published
2023-09-26 20:14
Modified
2025-11-04 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An app may be able to disclose kernel memory
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apple | iOS and iPadOS |
Version: unspecified < 17 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:21:03.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213938"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213932"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213927"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213931"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
},
{
"url": "https://support.apple.com/kb/HT213932"
},
{
"url": "https://support.apple.com/kb/HT213931"
},
{
"url": "https://support.apple.com/kb/HT213927"
},
{
"url": "https://support.apple.com/kb/HT213938"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:28:35.894654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T14:37:09.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to disclose kernel memory",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T05:07:04.554Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938"
},
{
"url": "https://support.apple.com/en-us/HT213932"
},
{
"url": "https://support.apple.com/en-us/HT213927"
},
{
"url": "https://support.apple.com/en-us/HT213931"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/5"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/6"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-41232",
"datePublished": "2023-09-26T20:14:58.142Z",
"dateReserved": "2023-09-14T19:03:36.068Z",
"dateUpdated": "2025-11-04T19:21:03.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
displaying 131 - 140 organizations in total 2594