CVE-2023-42961

Summary

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandboxed process may be able to circumvent sandbox restrictions.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 17affected
AppleiOS and iPadOSunspecified < 16.7affected
ApplemacOSunspecified < 14affected
ApplemacOSunspecified < 13.6affected
ApplemacOSunspecified < 12.7affected

Weaknesses

  • A path handling issue was addressed with improved validation.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References