cvelistv5 - cve-2023-41061

cve-2023-41061

Vulnerability from cvelistv5

Published

2023-09-07 17:30

Modified

2024-09-13 17:32

Severity

7.8 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

References

Source	URL	Tags
product-security@apple.com	http://seclists.org/fulldisclosure/2023/Sep/4	Mailing List, Third Party Advisory
product-security@apple.com	http://seclists.org/fulldisclosure/2023/Sep/5	Mailing List, Third Party Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213905	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213907	Vendor Advisory
product-security@apple.com	https://support.apple.com/kb/HT213905	Vendor Advisory
product-security@apple.com	https://support.apple.com/kb/HT213907	Vendor Advisory

Impacted products

Vendor	Product
Apple	iOS and iPadOS
Apple	watchOS

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

Date added: 2023-09-11

Due date: 2023-10-02

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://support.apple.com/en-us/HT213905, https://support.apple.com/kb/HT213907

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:46:11.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213905"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213907"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213907"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213905"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Sep/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Sep/4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "ipados",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.6.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "iphone_os",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "16.6.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "watchos",
            "vendor": "apple",
            "versions": [
              {
                "lessThan": "9.6.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-41061",
                "options": [
                  {
                    "Exploitation": "Active"
                  },
                  {
                    "Automatable": "Yes"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-15T16:35:59.820065Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-09-11",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-41061"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T17:32:54.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "9.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-07T17:30:09.783Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213905"
        },
        {
          "url": "https://support.apple.com/en-us/HT213907"
        },
        {
          "url": "https://support.apple.com/kb/HT213907"
        },
        {
          "url": "https://support.apple.com/kb/HT213905"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Sep/5"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Sep/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-41061",
    "datePublished": "2023-09-07T17:30:09.783Z",
    "dateReserved": "2023-08-22T18:10:00.329Z",
    "dateUpdated": "2024-09-13T17:32:54.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-41061",
      "dateAdded": "2023-09-11",
      "dueDate": "2023-10-02",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://support.apple.com/en-us/HT213905, https://support.apple.com/kb/HT213907",
      "product": "iOS, iPadOS, and watchOS",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064.",
      "vendorProject": "Apple",
      "vulnerabilityName": "Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-41061\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2023-09-07T18:15:07.617\",\"lastModified\":\"2024-09-16T19:46:40.427\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2023-09-11\",\"cisaActionDue\":\"2023-10-02\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\"},{\"lang\":\"es\",\"value\":\"Se solucion\u00f3 el problema de validaci\u00f3n con una l\u00f3gica mejorada. Este problema se solucion\u00f3 en watchOS 9.6.2, iOS 16.6.1 y iPadOS 16.6.1. Un archivo adjunto creado con fines maliciosos puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple est\u00e1 al tanto de un informe de que este problema puede haber sido explotado activamente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16.6.1\",\"matchCriteriaId\":\"D3489F6B-7E72-4E95-93EC-C61FA0597180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16.6.1\",\"matchCriteriaId\":\"FF388164-D0B0-4777-B449-9D7A5817E37E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.6.2\",\"matchCriteriaId\":\"8A7FC4C6-9666-4838-93FF-9FF427BD6CFE\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2023/Sep/4\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Sep/5\",\"source\":\"product-security@apple.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213905\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213907\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213905\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213907\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

Action not permitted

cve-2023-41061

Vulnerability from cvelistv5

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

ghsa-h6m5-xj4q-9xw4

Vulnerability from github

gsd-2023-41061

Vulnerability from gsd

wid-sec-w-2023-2288

Vulnerability from csaf_certbund

Tags