CVE-2023-23524

Summary

A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 16.3affected
ApplewatchOSunspecified < 9.3affected
ApplemacOSunspecified < 13.2affected
AppletvOSunspecified < 16.3affected

Weaknesses

  • Processing a maliciously crafted certificate may lead to a denial-of-service

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References