CVE-2023-27940

Summary

The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura 13.4. A sandboxed app may be able to observe system-wide network connections.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13.4affected
ApplemacOSunspecified < 12.6affected
AppleiOS and iPadOSunspecified < 15.7affected

Weaknesses

  • A sandboxed app may be able to observe system-wide network connections

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References