5.5

CVE-2023-32407

A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 15.7.6
AppleiPadOS Version >= 16.0 < 16.5
AppleiPhone OS Version < 15.7.6
AppleiPhone OS Version >= 16.0 < 16.5
ApplemacOS Version >= 11.0 < 11.7.7
ApplemacOS Version >= 12.0 < 12.6.6
ApplemacOS Version >= 13.0 < 13.4
AppletvOS Version < 16.5
ApplewatchOS Version < 9.5
ApplewatchOS Version9.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.93% 0.748
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://support.apple.com/en-us/HT213765
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213759
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213760
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213757
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213758
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213761
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213764
Vendor Advisory
Release Notes