Lucene search

[email protected]NVD:CVE-2023-32428

HistorySep 06, 2023 - 2:15 a.m.

CVE-2023-32428

2023-09-0602:15:09

[email protected]

web.nvd.nist.gov

file handling

privilege escalation

macos ventura 13.4

tvos 16.5

ios 16.5

ipados 16.5

watchos 9.5

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.8%

JSON

This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.

Affected configurations

NVD

Node

appleipad_osRange<16.5

appleiphone_osRange<16.5

applemacosRange13.0–13.4

appletvosRange<16.5

applewatchosRange<9.5

References

support.apple.com/en-us/HT213757

support.apple.com/en-us/HT213758

support.apple.com/en-us/HT213761

support.apple.com/en-us/HT213764

support.apple.com/kb/HT213757

support.apple.com/kb/HT213758

support.apple.com/kb/HT213761

support.apple.com/kb/HT213764

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.8%

JSON

Related for NVD:CVE-2023-32428

cvelist1 prion1 cve1 apple5 openvas2