Headline
CVE-2023-40384: About the security content of iOS 17 and iPadOS 17
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.
Released September 18, 2023
Airport
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read sensitive location information
Description: A permissions issue was addressed with improved redaction of sensitive information.
CVE-2023-40384: Adam M.
App Store
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A remote attacker may be able to break out of Web Content sandbox
Description: The issue was addressed with improved handling of protocols.
CVE-2023-40448: w0wbox
Apple Neural Engine
Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-40432: Mohamed GHANNAM (@_simo36)
CVE-2023-41174: Mohamed GHANNAM (@_simo36)
CVE-2023-40409: Ye Zhang (@VAR10CK) of Baidu Security
CVE-2023-40412: Mohamed GHANNAM (@_simo36)
Apple Neural Engine
Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use-after-free issue was addressed with improved memory management.
CVE-2023-41071: Mohamed GHANNAM (@_simo36)
Apple Neural Engine
Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-40399: Mohamed GHANNAM (@_simo36)
Apple Neural Engine
Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2023-40410: Tim Michaud (@TimGMichaud) of Moveworks.ai
AuthKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved handling of caches.
CVE-2023-32361: Csaba Fitzl (@theevilbit) of Offensive Security
Biometric Authentication
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2023-41232: Liang Wei of PixiePoint Security
Bluetooth
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An attacker in physical proximity can cause a limited out of bounds write
Description: The issue was addressed with improved checks.
CVE-2023-35984: zer0k
bootp
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-41065: Adam M., and Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)
CFNetwork
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may fail to enforce App Transport Security
Description: The issue was addressed with improved handling of protocols.
CVE-2023-38596: Will Brattain at Trail of Bits
CoreAnimation
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic
Dev Tools
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to gain elevated privileges
Description: This issue was addressed with improved checks.
CVE-2023-32396: Mickey Jin (@patch1t)
FileProvider
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A permissions issue was addressed with additional restrictions.
CVE-2023-41980: Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)
Game Center
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access contacts
Description: The issue was addressed with improved handling of caches.
CVE-2023-40395: Csaba Fitzl (@theevilbit) of Offensive Security
GPU Drivers
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-40431: Certik Skyfall Team
GPU Drivers
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-40391: Antonio Zekic (@antoniozekic) of Dataflow Security
GPU Drivers
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to a denial-of-service
Description: A resource exhaustion issue was addressed with improved input validation.
CVE-2023-40441: Ron Masas of Imperva
iCloud Photo Library
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access a user’s Photos Library
Description: A configuration issue was addressed with additional restrictions.
CVE-2023-40434: Mikko Kenttälä (@Turmio_ ) of SensorFu
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use-after-free issue was addressed with improved memory management.
CVE-2023-41995: Certik Skyfall Team, pattern-f (@pattern_F_) of Ant Security Light-Year Lab
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: The issue was addressed with improved memory handling.
CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with improved validation.
CVE-2023-40429: Michael (Biscuit) Thomas and 张师傅(@京东蓝军)
libpcap
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A remote user may cause an unexpected app termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2023-40400: Sei K.
libxpc
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to delete files for which it does not have permission
Description: A permissions issue was addressed with additional restrictions.
CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
libxpc
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access protected user data
Description: An authorization issue was addressed with improved state management.
CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
libxslt
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may disclose sensitive information
Description: The issue was addressed with improved memory handling.
CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security
Maps
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of caches.
CVE-2023-40427: Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)
MobileStorageMounter
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A user may be able to elevate privileges
Description: An access issue was addressed with improved access restrictions.
CVE-2023-41068: Mickey Jin (@patch1t)
Music
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2023-41986: Gergely Kalman (@gergely_kalman)
Photos Storage
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access edited photos saved to a temporary directory
Description: The issue was addressed with improved checks.
CVE-2023-40456: Kirin (@Pwnrin)
CVE-2023-40520: Kirin (@Pwnrin)
Pro Res
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41063: Certik Skyfall Team
Safari
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to identify what other apps a user has installed
Description: The issue was addressed with improved checks.
CVE-2023-35990: Adriatik Raci of Sentry Cybersecurity
Safari
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Visiting a website that frames malicious content may lead to UI spoofing
Description: A window management issue was addressed with improved state management.
CVE-2023-40417: Narendra Bhati From Suma Soft Pvt. Ltd
Sandbox
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to overwrite arbitrary files
Description: The issue was addressed with improved bounds checks.
CVE-2023-40452: Yiğit Can YILMAZ (@yilmazcanyigit)
Share Sheet
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access sensitive data logged when a user shares a link
Description: A logic issue was addressed with improved checks.
CVE-2023-41070: Kirin (@Pwnrin)
Simulator
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to gain elevated privileges
Description: The issue was addressed with improved checks.
CVE-2023-40419: Arsenii Kostromin (0x3c3e)
Siri
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access sensitive user data
Description: The issue was addressed with improved handling of caches.
CVE-2023-40428: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal
Spotlight
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to gain root privileges
Description: The issue was addressed with improved checks.
CVE-2023-40443: Gergely Kalman (@gergely_kalman)
StorageKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read arbitrary files
Description: This issue was addressed with improved validation of symlinks.
CVE-2023-41968: Mickey Jin (@patch1t) and James Hutchins
TCC
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
CVE-2023-40424: Arsenii Kostromin (0x3c3e), Joshua Jewett (@JoshJewett33), and Csaba Fitzl (@theevilbit) of Offensive Security
WebKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to arbitrary code execution
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 249451
CVE-2023-39434: Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) of PK Security
WebKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 256551
CVE-2023-41074: 이준성(Junsung Lee) of Cross Republic and me Li
WebKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 239758
CVE-2023-35074: Abysslab Dong Jun Kim(@smlijun) and Jong Seong Kim(@nevul37)
Related news
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos.
Gentoo Linux Security Advisory 202401-33 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to remote code execution. Versions greater than or equal to 2.42.2:4 are affected.
Debian Linux Security Advisory 5527-1 - Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. Junsung Lee and Me Li discovered that processing web content may lead to arbitrary code execution. Bill Marczak and Maddie Stone discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Apple Security Advisory 09-26-2023-9 - tvOS 17 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.
Apple Security Advisory 09-26-2023-8 - watchOS 10 addresses bypass, code execution, out of bounds read, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 09-26-2023-7 - iOS 17 and iPadOS 17 addresses bypass, code execution, out of bounds read, resource exhaustion, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 09-26-2023-6 - Xcode 15 addresses memory disclosure, privilege escalation, and credential access vulnerabilities.
Apple Security Advisory 09-26-2023-5 - macOS Monterey 12.7 addresses code execution and out of bounds read vulnerabilities.
Apple Security Advisory 09-26-2023-4 - macOS Ventura 13.6 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.
Apple Security Advisory 09-26-2023-3 - iOS 16.7 and iPadOS 16.7 addresses bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 09-26-2023-2 - macOS Sonoma 14 addresses buffer overflow, bypass, code execution, out of bounds read, resource exhaustion, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 09-26-2023-1 - Safari 17 addresses code execution and spoofing vulnerabilities.
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.
A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
The issue was addressed with improved checks. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.