CVE-2023-23524
published 2023-02-27CVE-2023-23524: A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS…
PriorityP277high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.60%
44.5th percentile
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.3.1_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 16.3 | 16.3 |
| apple | ipados | < 16.3.1 | 16.3.1 |
| apple | iphone_os | < 16.3.1 | 16.3.1 |
| apple | macos | < 13.2.1 | 13.2.1 |
| apple | macos | >= unspecified < 13.2 | 13.2 |
| apple | macos_ventura | — | — |
| apple | tvos | < 16.3.2 | 16.3.2 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < 16.3 | 16.3 |
| apple | watchos | < 9.3.1 | 9.3.1 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < 9.3 | 9.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →The denial-of-service is triggered by submitting a malicious certificate chain to an application that performs X.509 certificate validation, such as a TLS server performing client certificate validation, causing exponential memory and CPU consumption in the policy tree builder. ↗
- →The root cause is exponential growth in the valid_policy_tree: a single policy P can produce multiple child nodes when multiple issuer policies map to P (step d.1 of RFC 5280 Section 6.1.3), causing tree size to increase multiplicatively at each certificate chain level. ↗
- ·The vulnerability affects X.509 policy validation in Apple platforms; fixed versions are tvOS 16.3.2, iOS 16.3.1, iPadOS 16.3.1, watchOS 9.3.1, and macOS Ventura 13.2.1. Detection should focus on unpatched versions of these platforms. ↗
- ·The exponential growth vulnerability exists specifically in the RFC 5280 policy tree algorithm; implementations that have replaced the policy tree with a policy graph (as described in RFC 9618) are not vulnerable to this attack vector. ↗
- ·Alternative mitigations for implementations that cannot adopt the policy graph include: verifying signatures before policy processing, limiting certificate chain depth, limiting policy tree size, inhibiting policy mapping, or disabling policy checking entirely. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2023-23524: macOS Ventura 13.2.1
vendor_apple·2023-02-13·CVSS 7.5
CVE-2023-23524 [HIGH] CVE-2023-23524: macOS Ventura 13.2.1
Apple Security Update: About the security content of macOS Ventura 13.2.1
Product: macOS Ventura
Version: 13.2.1
CVE: CVE-2023-23524
Component: Security
Impact: Processing a maliciously crafted certificate may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved input validation.
Apple
CVE-2023-23524: watchOS 9.3.1
vendor_apple·2023-02-13·CVSS 7.5
CVE-2023-23524 [HIGH] CVE-2023-23524: watchOS 9.3.1
Apple Security Update: About the security content of watchOS 9.3.1
Product: watchOS
Version: 9.3.1
CVE: CVE-2023-23524
Component: Security
Impact: Processing a maliciously crafted certificate may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved input validation.
Apple
CVE-2023-23524: iOS 16.3.1 and iPadOS 16.3.1
vendor_apple·2023-02-13·CVSS 7.5
CVE-2023-23524 [HIGH] CVE-2023-23524: iOS 16.3.1 and iPadOS 16.3.1
Apple Security Update: About the security content of iOS 16.3.1 and iPadOS 16.3.1
Product: iOS 16.3.1 and iPadOS
Version: 16.3.1
CVE: CVE-2023-23524
Component: Security
Impact: Processing a maliciously crafted certificate may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved input validation.
Apple
CVE-2023-23524: tvOS 16.3.2
vendor_apple·2023-02-13·CVSS 7.5
CVE-2023-23524 [HIGH] CVE-2023-23524: tvOS 16.3.2
Apple Security Update: About the security content of tvOS 16.3.2
Product: tvOS
Version: 16.3.2
CVE: CVE-2023-23524
Component: Security
Impact: Processing a maliciously crafted certificate may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved input validation.
GHSA
GHSA-r596-4r66-j5v5: A denial-of-service issue was addressed with improved input validation
ghsa_unreviewed·2023-02-27
CVE-2023-23524 [HIGH] CWE-400 GHSA-r596-4r66-j5v5: A denial-of-service issue was addressed with improved input validation
A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service.
VulnCheck
Apple ipados Uncontrolled Resource Consumption
vulncheck·2023·CVSS 7.5
CVE-2023-23524 [HIGH] Apple ipados Uncontrolled Resource Consumption
Apple ipados Uncontrolled Resource Consumption
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.
Affected: Apple ipados
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://support.apple.com/kb/HT213633
No detection rules found.
No public exploits indexed.
https://support.apple.com/en-us/HT213632https://support.apple.com/en-us/HT213633https://support.apple.com/en-us/HT213634https://support.apple.com/en-us/HT213635https://support.apple.com/en-us/HT213632https://support.apple.com/en-us/HT213633https://support.apple.com/en-us/HT213634https://support.apple.com/en-us/HT213635
2023-02-27
Published
Exploited in the wild