Lucene search

AppleCVELIST:CVE-2023-23528

HistoryMay 08, 2023 - 12:00 a.m.

CVE-2023-23528

2023-05-0800:00:00

apple

www.cve.org

bounds checking

ios

ipados

tvos

bluetooth

disclosure

process memory

cve-2023-23528

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.6%

JSON

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "16.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "tvOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "16.4",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT213674

support.apple.com/en-us/HT213676