CVE-2023-32415

Published: Jun 23, 2023Modified: Dec 5, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information.

Affected (4)

Products: Apple: Ipados, Iphone Os, Macos, Tvos

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	From 16.0 to 16.5
Apple Iphone Os	From 16.0 to 16.5
Apple Macos	From 13.0 to 13.4
Apple Tvos	Before 16.5

Related CWEs

CWE-922

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (6)

https://support.apple.com/en-us/HT213757

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213758

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213761

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213757

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213758

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213761

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.