CVE-2023-42957

Published: Jul 29, 2024Modified: Mar 19, 2025

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. An app may be able to read sensitive location information.

Affected (4)

Products: Apple: Ipados, Iphone Os, Macos, Watchos

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 17.0
Apple Iphone Os	Before 17.0
Apple Macos	Up to 14.0
Apple Watchos	Before 10.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

https://support.apple.com/en-us/HT213937

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213938

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213940

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213937

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213938

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213940

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.