CVE-2023-42836

Summary

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13.6affected
ApplemacOSunspecified < 14.1affected
ApplemacOSunspecified < 12.7affected
AppleiOS and iPadOSunspecified < 17.1affected

Weaknesses

  • An attacker may be able to access connected network volumes mounted in the home directory

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References