← Back

CVE-2024-23223

nvd nist
Published: Jan 23, 2024Modified: Apr 2, 2026

JSON object

Loading...
6.2
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.5 / Impact: 3.6
Source: NVD

Description

A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access sensitive user data.

Affected (5)

Apple
5 products
Ipados
Iphone Os
Macos
Tvos
Watchos
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Before 17.3
Iphone Os
Before 17.3
Macos
From 14.0 to 14.3
Tvos
Before 17.3
Watchos
Before 10.3

Related CWEs

CWE-732
Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (15)

Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.