This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17, watchOS 10, macOS Sonoma 14, iOS 17 and iPadOS 17, macOS Ventura 13.6.4. An app may be able to bypass Privacy preferences.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Jan/37 | Third Party Advisory |
https://support.apple.com/en-us/HT213936 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213937 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213938 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213940 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214058 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT213936 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT213937 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT213938 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT213940 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
26 Jan 2024, 20:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2024/Jan/37 - Third Party Advisory | |
References | () https://support.apple.com/en-us/HT213936 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213938 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213940 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214058 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/kb/HT213936 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/kb/HT213937 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/kb/HT213938 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/kb/HT213940 - Release Notes, Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
|
First Time |
Apple ipados
Apple watchos Apple macos Apple Apple iphone Os Apple tvos |
26 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Jan 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Jan 2024, 13:44
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Jan 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-23 01:15
Updated : 2024-01-26 20:06
NVD link : CVE-2023-40528
Mitre link : CVE-2023-40528
CVE.ORG link : CVE-2023-40528
JSON object : View
Products Affected
apple
- macos
- iphone_os
- tvos
- ipados
- watchos
CWE