Lucene search

[email protected]NVD:CVE-2023-42896

HistoryMar 28, 2024 - 4:15 p.m.

CVE-2023-42896

2024-03-2816:15:07

[email protected]

web.nvd.nist.gov

cve-2023-42896

macos

ios

temporary files

file system modification

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system.

Affected configurations

NVD

Node

appleipadosRange<16.7.3

appleipadosRange17.0–17.2

appleiphone_osRange<16.7.3

appleiphone_osRange17.0–17.2

applemacosRange12.0–12.7.2

applemacosRange13.0–13.6.3

applemacosRange14.0–14.2

References

support.apple.com/en-us/HT214034

support.apple.com/en-us/HT214035

support.apple.com/en-us/HT214036

support.apple.com/en-us/HT214037

support.apple.com/en-us/HT214038

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

Related for NVD:CVE-2023-42896

cve1 cvelist1 githubexploit1 apple5 nessus3 openvas3