CVE-2023-40529 — Apple IOS AND Ipados vulnerability

3 documents3 sources

Severity

2.4LOWNVD

EPSS

0.1%

top 68.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Iphone OS +1 more

Timeline

PublishedJan 10

Latest updateJan 11

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages4 packages

▶NVDapple/ipados< 17.0

▶CVEListV5apple/ios_and_ipadosunspecified — 17

▶Appleapple/ios_17_and_ipados17

▶NVDapple/iphone_os< 17.0

🔴Vulnerability Details

GHSA

GHSA-fc3m-xrgg-2fxh: This issue was addressed with improved redaction of sensitive information↗2024-01-11

▶

📋Vendor Advisories

Apple

CVE-2023-40529: iOS 17 and iPadOS 17↗2023-09-18

▶