CVE-2023-23503
First published: Mon Jan 23 2023(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences.
Credit: product-security@apple.com product-security@apple.com Adam M. Adam M. Adam M. Adam M. Adam M.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <15.7.3 | |
| Apple iPadOS | >=16.0<16.3 | |
| Apple iPhone OS | <15.7.3 | |
| Apple iPhone OS | >=16.0<16.3 | |
| Apple macOS | <13.2 | |
| Apple tvOS | <16.3 | |
| Apple watchOS | <9.3 | |
| <13.2 | 13.2 | |
| <16.3 | 16.3 | |
| <16.3 | 16.3 | |
| <16.3 | 16.3 | |
| <15.7.3 | 15.7.3 | |
| <15.7.3 | 15.7.3 | |
| Apple watchOS | <9.3 | 9.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213598 (Advisory)
- https://support.apple.com/en-us/HT213599 (Advisory)
- https://support.apple.com/en-us/HT213601 (Advisory)
- https://support.apple.com/en-us/HT213605 (Advisory)
- https://support.apple.com/en-us/HT213606 (Advisory)
- https://support.apple.com/kb/HT213599
- https://support.apple.com/kb/HT213606
- https://support.apple.com/kb/HT213605
- https://support.apple.com/kb/HT213601
- https://support.apple.com/kb/HT213598
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-32438
- CVE-2023-23499
- CVE-2023-23520
- CVE-2022-42915
- CVE-2022-42916
- CVE-2022-32221
- CVE-2022-35260
- CVE-2023-23539
- CVE-2023-23513
- CVE-2023-23493
- CVE-2023-41990
- CVE-2023-23530
- CVE-2023-23531
- CVE-2023-23519
- CVE-2023-23507
- CVE-2023-23516
- CVE-2023-23500
- CVE-2023-23502
- CVE-2023-23504
- CVE-2023-23506
- CVE-2023-23498
- CVE-2023-23503
- CVE-2023-28208
- CVE-2023-23497
- CVE-2023-23510
- CVE-2023-23512
- CVE-2023-23505
- CVE-2022-3705
- CVE-2023-23511
- CVE-2023-32393
- CVE-2023-23496
- CVE-2023-23518
- CVE-2023-23517
- CVE-2023-23501
- CVE-2023-23508
- CVE-2022-0108
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-23503.
What is the severity rating for CVE-2023-23503?
The severity rating for CVE-2023-23503 is medium (5.5).
What is the description of CVE-2023-23503?
CVE-2023-23503 is a logic issue that was addressed with improved state management. An app may be able to bypass Privacy preferences.
Which software versions are affected by CVE-2023-23503?
iOS versions 15.7.3 and earlier, iPadOS versions 15.7.3 and earlier, tvOS versions up to 16.3, macOS Ventura versions up to 13.2, and watchOS versions up to 9.3 are affected by CVE-2023-23503.
How can I fix CVE-2023-23503?
To fix CVE-2023-23503, update your device to macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, or watchOS 9.3.
- agent/type
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/severity
- agent/softwarecombine
- agent/event
- agent/description
- agent/last-modified-date
- agent/references
- agent/tags
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- vendor/apple
- canonical/apple ipados
- version/apple ipados/16.0
- canonical/apple iphone os
- version/apple iphone os/16.0
- canonical/apple macos
- canonical/apple tvos
- canonical/apple watchos