CVE-2023-42824

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 4, 2023

Updated: Oct 26, 2023

Summary

CVE-2023-42824 is a privilege escalation vulnerability that Apple addressed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker could potentially exploit this flaw to elevate their privileges, gaining unauthorized access to sensitive information or functionality. The vulnerability was reportedly being actively exploited in some versions of iOS prior to 16.6. Apple has implemented improved checks to prevent such attacks, mitigating the risk for affected users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAv1G
https://www.cve.org/CVERecord?id=CVE-2023-42824
https://nvd.nist.gov/vuln/detail/CVE-2023-42824

Back to Vulnerability Database