CVE-2023-41254

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Nov 2, 2023

CWE ID 532

Summary

CVE-2023-41254 is a privacy vulnerability that has been addressed in iOS 17.1, iPadOS 17.1, watchOS 10.1, iOS 16.7.2, iPadOS 16.7.2, macOS Ventura 13.6.1, and macOS Sonoma 14.1. The issue involved inadequate private data redaction for log entries, potentially allowing an app to access sensitive user information. This vulnerability has been resolved with the latest software updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
Apple Watch
iPadOS
MacOS
WatchOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAfoT
https://www.cve.org/CVERecord?id=CVE-2023-41254
https://nvd.nist.gov/vuln/detail/CVE-2023-41254

Back to Vulnerability Database