CVE-2023-32359 — Apple IOS AND Ipados vulnerability

8 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.1%

top 72.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Iphone OS +5 more

Timeline

PublishedOct 25

Latest updateNov 15

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

▶NVDapple/ipados< 16.7.2

▶CVEListV5apple/ios_and_ipadosunspecified — 16.7

▶Appleapple/ios_17_and_ipados17

▶Appleapple/ios_16.7.2_and_ipados16.7.2

▶NVDapple/iphone_os< 16.7.2

🔴Vulnerability Details

GHSA

GHSA-m58q-xcxc-4q6h: This issue was addressed with improved redaction of sensitive information↗2023-10-25

▶

OSV

CVE-2023-32359: This issue was addressed with improved redaction of sensitive information↗2023-10-25

▶

📋Vendor Advisories

Red Hat

webkitgtk: User password may be read aloud by a text-to-speech accessibility feature↗2023-11-15

▶

Apple

CVE-2023-32359: iOS 16.7.2 and iPadOS 16.7.2↗2023-10-25

▶

Apple

CVE-2023-32359: macOS Sonoma 14↗2023-09-26

▶

Apple

CVE-2023-32359: iOS 17 and iPadOS 17↗2023-09-18

▶

Debian

CVE-2023-32359: webkit2gtk - This issue was addressed with improved redaction of sensitive information. This ...↗2023

▶