A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to gain root privileges.
References
Link | Resource |
---|---|
https://support.apple.com/en-us/HT213841 | Vendor Advisory |
https://support.apple.com/en-us/HT213843 | Vendor Advisory |
https://support.apple.com/en-us/HT213844 | Vendor Advisory |
https://support.apple.com/en-us/HT213845 | Vendor Advisory |
https://support.apple.com/en-us/HT213848 | Vendor Advisory |
https://support.apple.com/kb/HT213842 | Vendor Advisory |
https://support.apple.com/kb/HT213846 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
03 Aug 2023, 16:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Apple iphone Os
Apple Apple watchos Apple tvos Apple ipados Apple macos |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://support.apple.com/en-us/HT213843 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213845 - Vendor Advisory | |
References | (MISC) https://support.apple.com/kb/HT213842 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213841 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213848 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213844 - Vendor Advisory | |
References | (MISC) https://support.apple.com/kb/HT213846 - Vendor Advisory | |
CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo |
28 Jul 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Jul 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-27 01:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-38565
Mitre link : CVE-2023-38565
CVE.ORG link : CVE-2023-38565
JSON object : View
Products Affected
apple
- iphone_os
- watchos
- ipados
- tvos
- macos
CWE