CVE-2023-42925

Published Jul 29, 2024

Last updated 2 months ago

CVSS low 3.3

Overview

Description: The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.3
Impact score: 1.4
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity: LOW

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880",
            "versionEndExcluding": "17.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199",
            "versionEndExcluding": "17.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "376382BD-FF1A-4D9F-B4B1-76727BD1F8AF",
            "versionEndIncluding": "14.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References