← Back

CVE-2023-42928

nvd nist
Published: Feb 21, 2024Modified: Nov 4, 2025

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. An app may be able to gain elevated privileges.

Affected (2)

Products: Apple: Ipad Os, Iphone Os
Apple
2 products
Ipad Os
Iphone Os
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Ipad Os
Before 17.1
Iphone Os
Before 17.1

Related CWEs

CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References (3)

Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.