CVE-2023-40424

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 27, 2023

Updated: Oct 12, 2023

Summary

CVE-2023-40424 is a vulnerability affecting Apple's iOS, iPadOS, watchOS, and macOS operating systems. This issue allowed certain apps to potentially access user-sensitive data without proper authorization. The flaw has been addressed in the latest updates for each platform, specifically in iOS 17 and iPadOS 17, watchOS 10, and macOS Sonoma 14. Improved checks have been implemented to prevent unauthorized access to such data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
MacOS
Apple Watch
iPadOS
WatchOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWE108
https://www.cve.org/CVERecord?id=CVE-2023-40424
https://nvd.nist.gov/vuln/detail/CVE-2023-40424

Back to Vulnerability Database