CVE-2023-41068 — Apple IOS AND Ipados vulnerability

6 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 92.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Tvos Apple Watchos +4 more

Timeline

PublishedSep 27

Description

An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7. A user may be able to elevate privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages11 packages

▶NVDapple/ipados< 16.7

▶CVEListV5apple/ios_and_ipadosunspecified — 17+1

▶Appleapple/ios_17_and_ipados17

▶Appleapple/ios_16.7_and_ipados16.7

▶CVEListV5apple/tvosunspecified — 17

🔴Vulnerability Details

GHSA

GHSA-3cvg-mp22-q8rc: An access issue was addressed with improved access restrictions↗2023-09-27

▶

📋Vendor Advisories

Apple

CVE-2023-41068: iOS 16.7 and iPadOS 16.7↗2023-09-21

▶

Apple

CVE-2023-41068: iOS 17 and iPadOS 17↗2023-09-18

▶

Apple

CVE-2023-41068: tvOS 17↗2023-09-18

▶

Apple

CVE-2023-41068: watchOS 10↗2023-09-18

▶