This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.
History

Thu, 12 Dec 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
CPEs cpe:2.3:o:apple:ipad_os:17.0:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*
Vendors & Products Apple ipados

Tue, 03 Dec 2024 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple tvos
Apple watchos
Weaknesses CWE-59
CPEs cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipad_os:17.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:17.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple tvos
Apple watchos
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


Tue, 27 Aug 2024 17:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-02-21T06:41:01.832Z

Updated: 2024-08-27T16:00:10.326Z

Reserved: 2023-09-14T19:05:11.472Z

Link: CVE-2023-42942

cve-icon Vulnrichment

Updated: 2024-08-02T19:37:21.918Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-21T07:15:50.963

Modified: 2024-12-12T14:26:18.893

Link: CVE-2023-42942

cve-icon Redhat

No data.