CVE-2023-23523 — Apple IOS AND Ipados vulnerability

4 documents3 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 81.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Macos Apple Ipados +3 more

Timeline

PublishedMay 8

Description

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages7 packages

▶Appleapple/macos_ventura13.3

▶CVEListV5apple/macosunspecified — 13.3

▶NVDapple/macos< 13.3

▶NVDapple/ipados< 16.4

▶CVEListV5apple/ios_and_ipadosunspecified — 16.4

🔴Vulnerability Details

GHSA

GHSA-pm8c-p624-72x2: A logic issue was addressed with improved restrictions↗2023-05-08

▶

📋Vendor Advisories

Apple

CVE-2023-23523: iOS 16.4 and iPadOS 16.4↗2023-03-27

▶

Apple

CVE-2023-23523: macOS Ventura 13.3↗2023-03-27

▶