CVE-2023-40456

Published Sep 27, 2023

Last updated 7 months ago

CVSS low 3.3

Overview

Description: The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory.
Source: product-security@apple.com
NVD status: Modified
Products: ipados, iphone_os, tvos, watchos

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.3
Impact score: 1.4
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Severity: LOW

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880",
            "versionEndExcluding": "17.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199",
            "versionEndExcluding": "17.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0",
            "versionEndExcluding": "17.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6",
            "versionEndExcluding": "10.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References