Lucene search
AppleCVE-2023-23531HistoryFeb 27, 2023 - 8:15 p.m.
CVE-2023-23531
2023-02-2720:15:14
apple
web.nvd.nist.gov
70
cve-2023-23531
memory handling
macos ventura
ios 16.3
ipados 16.3
arbitrary code execution
CVSS3
8.6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0.001
Percentile
33.5%
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Affected configurations
Node
appleipadosRange<16.3
ORappleiphone_osRange<16.3
ORapplemacosRange<13.2
CNA Affected
[
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "16.3",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "13.2",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-23531
2023-02-27 00:00:00
prion
prion
Design/Logic Flaw
2023-02-27 20:15:00
nvd
nvd
CVE-2023-23531
2023-02-27 20:15:14
trellix
trellix
thn
thn
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
2023-02-22 12:56:00
apple
apple
About the security content of iOS 16.3 and iPadOS 16.3
2023-01-23 00:00:00
About the security content of macOS Ventura 13.2
2023-01-23 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213603)
2023-01-25 00:00:00
CVSS3
8.6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0.001
Percentile
33.5%
Related for CVE-2023-23531