Product - tvOS

Affected: unspecified , < 17.2 (custom)

Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	tvOS	Affected: unspecified , < 17.2 (custom)
Apple	macOS	Affected: unspecified , < 12.7 (custom)
Apple	macOS	Affected: unspecified , < 14.2 (custom)
Apple	watchOS	Affected: unspecified , < 10.2 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:23:44.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214035"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214034"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214038"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214040"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214037"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214036"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214041"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
          },
          {
            "url": "https://support.apple.com/kb/HT214041"
          },
          {
            "url": "https://support.apple.com/kb/HT214040"
          },
          {
            "url": "https://support.apple.com/kb/HT214037"
          },
          {
            "url": "https://support.apple.com/kb/HT214036"
          },
          {
            "url": "https://support.apple.com/kb/HT214035"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. Processing an image may lead to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing an image may lead to arbitrary code execution",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T01:07:21.139Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT214035"
        },
        {
          "url": "https://support.apple.com/en-us/HT214034"
        },
        {
          "url": "https://support.apple.com/en-us/HT214038"
        },
        {
          "url": "https://support.apple.com/en-us/HT214040"
        },
        {
          "url": "https://support.apple.com/en-us/HT214037"
        },
        {
          "url": "https://support.apple.com/en-us/HT214036"
        },
        {
          "url": "https://support.apple.com/en-us/HT214041"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/11"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/13"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42899",
    "datePublished": "2023-12-12T00:27:17.903Z",
    "dateReserved": "2023-09-14T19:05:11.461Z",
    "dateUpdated": "2025-11-04T19:23:44.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42898 (GCVE-0-2023-42898)

Vulnerability from – Published: 2023-12-12 00:27 – Updated: 2025-11-04 19:23

Summary

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution.

Severity ?

No CVSS data available.

CWE

Processing an image may lead to arbitrary code execution

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT214035
	https://support.apple.com/en-us/HT214040
	https://support.apple.com/en-us/HT214036
	https://support.apple.com/en-us/HT214041
	http://seclists.org/fulldisclosure/2023/Dec/9
	http://seclists.org/fulldisclosure/2023/Dec/7
	http://seclists.org/fulldisclosure/2023/Dec/13
	http://seclists.org/fulldisclosure/2023/Dec/12

Impacted products

Vendor

Product

Version

Affected: unspecified , < 17.2 (custom)

Apple	tvOS	Affected: unspecified , < 17.2 (custom)
Apple	macOS	Affected: unspecified , < 14.2 (custom)
Apple	watchOS	Affected: unspecified , < 10.2 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:23:38.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214035"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214040"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214036"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214041"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
          },
          {
            "url": "https://support.apple.com/kb/HT214041"
          },
          {
            "url": "https://support.apple.com/kb/HT214040"
          },
          {
            "url": "https://support.apple.com/kb/HT214036"
          },
          {
            "url": "https://support.apple.com/kb/HT214035"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing an image may lead to arbitrary code execution",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T01:06:43.391Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT214035"
        },
        {
          "url": "https://support.apple.com/en-us/HT214040"
        },
        {
          "url": "https://support.apple.com/en-us/HT214036"
        },
        {
          "url": "https://support.apple.com/en-us/HT214041"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/13"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42898",
    "datePublished": "2023-12-12T00:27:11.041Z",
    "dateReserved": "2023-09-14T19:05:11.461Z",
    "dateUpdated": "2025-11-04T19:23:38.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42893 (GCVE-0-2023-42893)

Vulnerability from – Published: 2024-03-28 15:39 – Updated: 2025-11-04 19:23

Summary

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access protected user data.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

An app may be able to access protected user data

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT214035
	https://support.apple.com/en-us/HT214034
	https://support.apple.com/en-us/HT214038
	https://support.apple.com/en-us/HT214040
	https://support.apple.com/en-us/HT214037
	https://support.apple.com/en-us/HT214036
	https://support.apple.com/en-us/HT214041
	http://seclists.org/fulldisclosure/2024/May/10
	https://support.apple.com/kb/HT214106
	http://seclists.org/fulldisclosure/2024/May/12
	https://support.apple.com/kb/HT214101

Impacted products

Vendor

Product

Version

Affected: unspecified , < 17.2 (custom)

Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	tvOS	Affected: unspecified , < 17.2 (custom)
Apple	macOS	Affected: unspecified , < 12.7 (custom)
Apple	macOS	Affected: unspecified , < 14.2 (custom)
Apple	watchOS	Affected: unspecified , < 10.2 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:23:25.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214035"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214034"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214038"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214040"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214037"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214036"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214041"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/May/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214106"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/May/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214101"
          },
          {
            "url": "https://support.apple.com/kb/HT214041"
          },
          {
            "url": "https://support.apple.com/kb/HT214040"
          },
          {
            "url": "https://support.apple.com/kb/HT214037"
          },
          {
            "url": "https://support.apple.com/kb/HT214036"
          },
          {
            "url": "https://support.apple.com/kb/HT214035"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ipados",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.2",
                "status": "affected",
                "version": "17.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "macos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "12.7.2",
                "status": "affected",
                "version": "12.0",
                "versionType": "custom"
              },
              {
                "lessThan": "13.6.3",
                "status": "affected",
                "version": "13.0",
                "versionType": "custom"
              },
              {
                "lessThan": "14.2",
                "status": "affected",
                "version": "14.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tvos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "17.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:apple:watchos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "watchos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "10.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42893",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-27T16:21:25.001079Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-25T17:01:10.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access protected user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access protected user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T16:12:43.989Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT214035"
        },
        {
          "url": "https://support.apple.com/en-us/HT214034"
        },
        {
          "url": "https://support.apple.com/en-us/HT214038"
        },
        {
          "url": "https://support.apple.com/en-us/HT214040"
        },
        {
          "url": "https://support.apple.com/en-us/HT214037"
        },
        {
          "url": "https://support.apple.com/en-us/HT214036"
        },
        {
          "url": "https://support.apple.com/en-us/HT214041"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2024/May/10"
        },
        {
          "url": "https://support.apple.com/kb/HT214106"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2024/May/12"
        },
        {
          "url": "https://support.apple.com/kb/HT214101"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42893",
    "datePublished": "2024-03-28T15:39:12.081Z",
    "dateReserved": "2023-09-14T19:05:11.460Z",
    "dateUpdated": "2025-11-04T19:23:25.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42884 (GCVE-0-2023-42884)

Vulnerability from – Published: 2023-12-12 00:27 – Updated: 2025-11-04 19:23

Summary

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

An app may be able to disclose kernel memory

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT214035
	https://support.apple.com/en-us/HT214034
	https://support.apple.com/en-us/HT214038
	https://support.apple.com/en-us/HT214040
	https://support.apple.com/en-us/HT214036
	http://seclists.org/fulldisclosure/2023/Dec/9
	http://seclists.org/fulldisclosure/2023/Dec/7
	http://seclists.org/fulldisclosure/2023/Dec/10
	http://seclists.org/fulldisclosure/2023/Dec/8
	http://seclists.org/fulldisclosure/2023/Dec/12

Impacted products

Vendor

Product

Version

Affected: unspecified , < 17.2 (custom)

Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	tvOS	Affected: unspecified , < 17.2 (custom)
Apple	macOS	Affected: unspecified , < 14.2 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:23:08.280Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214035"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214034"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214038"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214040"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT214036"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
          },
          {
            "url": "https://support.apple.com/kb/HT214040"
          },
          {
            "url": "https://support.apple.com/kb/HT214038"
          },
          {
            "url": "https://support.apple.com/kb/HT214036"
          },
          {
            "url": "https://support.apple.com/kb/HT214035"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42884",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T14:29:53.213920Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T14:29:56.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to disclose kernel memory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T01:07:13.061Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT214035"
        },
        {
          "url": "https://support.apple.com/en-us/HT214034"
        },
        {
          "url": "https://support.apple.com/en-us/HT214038"
        },
        {
          "url": "https://support.apple.com/en-us/HT214040"
        },
        {
          "url": "https://support.apple.com/en-us/HT214036"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/7"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Dec/12"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42884",
    "datePublished": "2023-12-12T00:27:05.302Z",
    "dateReserved": "2023-09-14T19:05:11.455Z",
    "dateUpdated": "2025-11-04T19:23:08.280Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42873 (GCVE-0-2023-42873)

Vulnerability from – Published: 2024-02-21 06:41 – Updated: 2025-11-04 19:22

Summary

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

An app may be able to execute arbitrary code with kernel privileges

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213981
	https://support.apple.com/en-us/HT213987
	https://support.apple.com/en-us/HT213984
	https://support.apple.com/en-us/HT213985
	https://support.apple.com/en-us/HT213982
	https://support.apple.com/en-us/HT213983

Impacted products

Vendor

Product

Version

Affected: unspecified , < 16.7 (custom)

Apple	tvOS	Affected: unspecified , < 17.1 (custom)
Apple	macOS	Affected: unspecified , < 14.1 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 17.1 (custom)
Apple	macOS	Affected: unspecified , < 12.7 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:22:52.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213981"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213984"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213985"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213982"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213983"
          },
          {
            "url": "https://support.apple.com/kb/HT213987"
          },
          {
            "url": "https://support.apple.com/kb/HT213984"
          },
          {
            "url": "https://support.apple.com/kb/HT213983"
          },
          {
            "url": "https://support.apple.com/kb/HT213982"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ipad_os",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "17.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "iphone_os",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "17.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "macos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "12.7.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "13.6.1",
                "status": "affected",
                "version": "13.0",
                "versionType": "custom"
              },
              {
                "lessThan": "14.1",
                "status": "affected",
                "version": "14.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tvos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42873",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-28T19:45:16.241641Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-26T20:32:05.854Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to execute arbitrary code with kernel privileges",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T06:41:59.491Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213981"
        },
        {
          "url": "https://support.apple.com/en-us/HT213987"
        },
        {
          "url": "https://support.apple.com/en-us/HT213984"
        },
        {
          "url": "https://support.apple.com/en-us/HT213985"
        },
        {
          "url": "https://support.apple.com/en-us/HT213982"
        },
        {
          "url": "https://support.apple.com/en-us/HT213983"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42873",
    "datePublished": "2024-02-21T06:41:59.491Z",
    "dateReserved": "2023-09-14T19:05:11.453Z",
    "dateUpdated": "2025-11-04T19:22:52.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42848 (GCVE-0-2023-42848)

Vulnerability from – Published: 2024-02-21 06:42 – Updated: 2025-11-04 19:22

Summary

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Processing a maliciously crafted image may lead to heap corruption

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213981
	https://support.apple.com/en-us/HT213987
	https://support.apple.com/en-us/HT213984
	https://support.apple.com/en-us/HT213988
	https://support.apple.com/en-us/HT213985
	https://support.apple.com/en-us/HT213982

Impacted products

Vendor

Product

Version

Affected: unspecified , < 16.7 (custom)

Apple	tvOS	Affected: unspecified , < 17.1 (custom)
Apple	macOS	Affected: unspecified , < 14.1 (custom)
Apple	watchOS	Affected: unspecified , < 10.1 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 17.1 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:22:26.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213981"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213984"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213985"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213982"
          },
          {
            "url": "https://support.apple.com/kb/HT213988"
          },
          {
            "url": "https://support.apple.com/kb/HT213984"
          },
          {
            "url": "https://support.apple.com/kb/HT213982"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "iphone_os",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "17.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ipad_os",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "17.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "macos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "14.1",
                "status": "affected",
                "version": "14.0",
                "versionType": "custom"
              },
              {
                "lessThan": "13.6.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "watchos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "10.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tvos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "17.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42848",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-04T20:45:58.738346Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-122",
                "description": "CWE-122 Heap-based Buffer Overflow",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T15:09:19.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing a maliciously crafted image may lead to heap corruption",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T06:42:02.006Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213981"
        },
        {
          "url": "https://support.apple.com/en-us/HT213987"
        },
        {
          "url": "https://support.apple.com/en-us/HT213984"
        },
        {
          "url": "https://support.apple.com/en-us/HT213988"
        },
        {
          "url": "https://support.apple.com/en-us/HT213985"
        },
        {
          "url": "https://support.apple.com/en-us/HT213982"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42848",
    "datePublished": "2024-02-21T06:42:02.006Z",
    "dateReserved": "2023-09-14T19:05:11.450Z",
    "dateUpdated": "2025-11-04T19:22:26.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42839 (GCVE-0-2023-42839)

Vulnerability from – Published: 2024-02-21 06:41 – Updated: 2025-11-04 19:22

Summary

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Severity ?

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

An app may be able to access sensitive user data

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213987
	https://support.apple.com/en-us/HT213984
	https://support.apple.com/en-us/HT213988
	https://support.apple.com/en-us/HT213982

Impacted products

Vendor

Product

Version

tvOS

Affected: unspecified , < 17.1 (custom)

Apple	macOS	Affected: unspecified , < 14.1 (custom)
Apple	watchOS	Affected: unspecified , < 10.1 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 17.1 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:22:19.926Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213984"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213982"
          },
          {
            "url": "https://support.apple.com/kb/HT213988"
          },
          {
            "url": "https://support.apple.com/kb/HT213984"
          },
          {
            "url": "https://support.apple.com/kb/HT213982"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42839",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-15T14:38:39.856701Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-922",
                "description": "CWE-922 Insecure Storage of Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T14:51:47.198Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access sensitive user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T06:41:44.389Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213987"
        },
        {
          "url": "https://support.apple.com/en-us/HT213984"
        },
        {
          "url": "https://support.apple.com/en-us/HT213988"
        },
        {
          "url": "https://support.apple.com/en-us/HT213982"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42839",
    "datePublished": "2024-02-21T06:41:44.389Z",
    "dateReserved": "2023-09-14T19:05:11.449Z",
    "dateUpdated": "2025-11-04T19:22:19.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42823 (GCVE-0-2023-42823)

Vulnerability from – Published: 2024-02-21 06:41 – Updated: 2025-11-04 19:21

Summary

The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

Severity ?

2.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWE

An app may be able to access user-sensitive data

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213981
	https://support.apple.com/en-us/HT213987
	https://support.apple.com/en-us/HT213984
	https://support.apple.com/en-us/HT213988
	https://support.apple.com/en-us/HT213985
	https://support.apple.com/en-us/HT213982
	https://support.apple.com/en-us/HT213983

Impacted products

Vendor

Product

Version

Affected: unspecified , < 16.7 (custom)

Apple	tvOS	Affected: unspecified , < 17.1 (custom)
Apple	macOS	Affected: unspecified , < 14.1 (custom)
Apple	watchOS	Affected: unspecified , < 10.1 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 17.1 (custom)
Apple	macOS	Affected: unspecified , < 12.7 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 2.7,
              "baseSeverity": "LOW",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-21T16:34:57.759361Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-922",
                "description": "CWE-922 Insecure Storage of Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T16:55:10.494Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:21:58.985Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213981"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213984"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213985"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213982"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213983"
          },
          {
            "url": "https://support.apple.com/kb/HT213988"
          },
          {
            "url": "https://support.apple.com/kb/HT213987"
          },
          {
            "url": "https://support.apple.com/kb/HT213984"
          },
          {
            "url": "https://support.apple.com/kb/HT213983"
          },
          {
            "url": "https://support.apple.com/kb/HT213982"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access user-sensitive data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T06:41:52.495Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213981"
        },
        {
          "url": "https://support.apple.com/en-us/HT213987"
        },
        {
          "url": "https://support.apple.com/en-us/HT213984"
        },
        {
          "url": "https://support.apple.com/en-us/HT213988"
        },
        {
          "url": "https://support.apple.com/en-us/HT213985"
        },
        {
          "url": "https://support.apple.com/en-us/HT213982"
        },
        {
          "url": "https://support.apple.com/en-us/HT213983"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-42823",
    "datePublished": "2024-02-21T06:41:52.495Z",
    "dateReserved": "2023-09-14T19:05:11.447Z",
    "dateUpdated": "2025-11-04T19:21:58.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-41984 (GCVE-0-2023-41984)

Vulnerability from – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:21

Summary

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.

Severity ?

No CVSS data available.

CWE

An app may be able to execute arbitrary code with kernel privileges

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213938
	https://support.apple.com/en-us/HT213932
	https://support.apple.com/en-us/HT213927
	https://support.apple.com/en-us/HT213931
	https://support.apple.com/en-us/HT213936
	https://support.apple.com/en-us/HT213940
	https://support.apple.com/en-us/HT213937
	http://seclists.org/fulldisclosure/2023/Oct/5
	http://seclists.org/fulldisclosure/2023/Oct/10
	http://seclists.org/fulldisclosure/2023/Oct/6
	http://seclists.org/fulldisclosure/2023/Oct/8
	http://seclists.org/fulldisclosure/2023/Oct/3
	http://seclists.org/fulldisclosure/2023/Oct/4

Impacted products

Vendor

Product

Version

Affected: unspecified , < 17 (custom)

Apple	macOS	Affected: unspecified , < 12.7 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:21:34.039Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213932"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213927"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213931"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213936"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/4"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          },
          {
            "url": "https://support.apple.com/kb/HT213932"
          },
          {
            "url": "https://support.apple.com/kb/HT213927"
          },
          {
            "url": "https://support.apple.com/kb/HT213938"
          },
          {
            "url": "https://support.apple.com/kb/HT213937"
          },
          {
            "url": "https://support.apple.com/kb/HT213936"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:apple:ios_and_ipados:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ios_and_ipados",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "17",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "macos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "12.7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "13.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "14",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tvos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "17",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:watchos:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "watchos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41984",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:19:05.086890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:26:06.636Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to execute arbitrary code with kernel privileges",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:06:32.484Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213932"
        },
        {
          "url": "https://support.apple.com/en-us/HT213927"
        },
        {
          "url": "https://support.apple.com/en-us/HT213931"
        },
        {
          "url": "https://support.apple.com/en-us/HT213936"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/5"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/6"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-41984",
    "datePublished": "2023-09-26T20:14:56.129Z",
    "dateReserved": "2023-09-06T17:40:06.141Z",
    "dateUpdated": "2025-11-04T19:21:34.039Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-41981 (GCVE-0-2023-41981)

Vulnerability from – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:21

Summary

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

Severity ?

No CVSS data available.

CWE

An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213938
	https://support.apple.com/en-us/HT213927
	https://support.apple.com/en-us/HT213931
	https://support.apple.com/en-us/HT213936
	https://support.apple.com/en-us/HT213940
	https://support.apple.com/en-us/HT213937
	http://seclists.org/fulldisclosure/2023/Oct/5
	http://seclists.org/fulldisclosure/2023/Oct/10
	http://seclists.org/fulldisclosure/2023/Oct/8
	http://seclists.org/fulldisclosure/2023/Oct/9
	http://seclists.org/fulldisclosure/2023/Oct/3
	http://seclists.org/fulldisclosure/2023/Oct/4

Impacted products

Vendor

Product

Version

Affected: unspecified , < 17 (custom)

Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 13.6 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website