CVE-2023-42870

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 10, 2024

Updated: Jan 16, 2024

CWE ID 416

Summary

CVE-2023-42870 is a use-after-free vulnerability that has been addressed in the latest macOS Sonoma 14, iOS 17, and iPadOS 17 updates. This issue permits an application to execute arbitrary code with kernel privileges, potentially leading to serious security consequences if exploited. The memory management in the affected systems has been improved to mitigate this vulnerability, safeguarding user data and system stability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
MacOS
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAv1_
https://www.cve.org/CVERecord?id=CVE-2023-42870
https://nvd.nist.gov/vuln/detail/CVE-2023-42870

Back to Vulnerability Database