Lucene search

K
nvd[email protected]NVD:CVE-2023-23532
HistoryMay 08, 2023 - 8:15 p.m.

CVE-2023-23532

2023-05-0820:15:16
web.nvd.nist.gov
10
sandbox breakout prevention
macos ventura 13.3
ios 16.4
ipados 16.4
ios 15.7.6
ipados 15.7.6
improved checks

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to break out of its sandbox.

Affected configurations

Nvd
Node
appleipadosRange<16.4
OR
appleiphone_osRange<16.4
OR
applemacosRange<13.3
VendorProductVersionCPE
appleipados*cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemacos*cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

Related for NVD:CVE-2023-23532