VDB

CISA-2023-41968

CISA-2023-41968 PUBLISHED

Reported by apple · Published September 26, 2023

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files.

Affected Products

VendorProductVersions
AppleiOS and iPadOSunspecified
ApplemacOSunspecified
ApplemacOSunspecified
AppletvOSunspecified
ApplemacOSunspecified
ApplewatchOSunspecified
AppletvOSunspecified, unspecified
AppleiOS and iPadOSunspecified, unspecified
ApplewatchOSunspecified, unspecified
ApplemacOSunspecified, unspecified, *

Timeline

  • Sep 26, 2023 CVE Published
  • Feb 13, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›