What is CVE-2023-27946?

CVE-2023-27946 is a vulnerability that allows for an out-of-bounds read, which can result in unexpected app termination or arbitrary code execution.

How does CVE-2023-27946 affect Apple devices?

CVE-2023-27946 affects various Apple devices including iOS, iPadOS, and macOS.

What is the severity of CVE-2023-27946?

The severity of CVE-2023-27946 is high, with a CVSS score of 7.8.

How can I fix CVE-2023-27946?

To fix CVE-2023-27946, update your device to the latest version of macOS Ventura, iOS, iPadOS, macOS Monterey, or macOS Big Sur as mentioned in the Apple security advisories.

Where can I find more information about CVE-2023-27946?

You can find more information about CVE-2023-27946 in the Apple security advisories: [link1], [link2], [link3].

Vulnerability/
CVE-2023-27946

high

7.8

CWE

125

27/3/2023

8/5/2023

2/8/2024

CVE-2023-27946

First published: Mon Mar 27 2023(Updated: )

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Credit: Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t product-security@apple.com product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iOS	<15.7.4	15.7.4
Apple iPadOS	<15.7.4	15.7.4
Apple Ipad Os	<15.7.4
Apple iPhone OS	<15.7.4
Apple macOS	>=11.0<11.7.5
Apple macOS	>=12.0<12.6.4
Apple macOS	>=13.0<13.3
	<12.6.4	12.6.4
	<11.7.5	11.7.5
Apple macOS Ventura	<13.3	13.3

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213675 (Advisory)
https://support.apple.com/en-us/HT213673 (Advisory)
https://support.apple.com/en-us/HT213670 (Advisory)
https://support.apple.com/en-us/HT213677 (Advisory)
https://support.apple.com/kb/HT213673

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2023-23541
CVE-2023-27961
CVE-2023-23543
CVE-2023-27936
CVE-2023-23537
CVE-2023-27956
CVE-2023-32366
CVE-2023-27928
CVE-2023-27946
CVE-2023-23535
CVE-2023-28200
CVE-2023-27941
CVE-2023-27969
CVE-2023-23536
CVE-2023-28185
CVE-2023-41075
CVE-2023-27949
CVE-2023-27950
CVE-2023-28182
CVE-2023-27963
CVE-2023-27954
CVE-2023-23529
CVE-2023-28198
CVE-2023-32358
CVE-2023-28201
CVE-2023-32436
CVE-2023-27968
CVE-2023-28209
CVE-2023-28210
CVE-2023-28211
CVE-2023-28212
CVE-2023-28213
CVE-2023-28214
CVE-2023-28215
CVE-2023-32356
CVE-2023-23532
CVE-2023-23527
CVE-2023-27931
CVE-2023-28179
CVE-2023-42830
CVE-2023-27951
CVE-2023-23534
CVE-2023-27955
CVE-2023-40398
CVE-2023-28181
CVE-2023-32426
CVE-2022-43551
CVE-2022-43552
CVE-2023-27934
CVE-2023-28180
CVE-2023-27935
CVE-2023-27953
CVE-2023-27958
CVE-2023-40433
CVE-2023-28190
CVE-2023-28195
CVE-2023-27937
CVE-2023-23526
CVE-2023-27939
CVE-2023-27947
CVE-2023-27948
CVE-2023-42862
CVE-2023-42865
CVE-2023-27929
CVE-2023-27957
CVE-2023-32378
CVE-2023-28187
CVE-2023-28199
CVE-2023-23514
CVE-2023-27933
CVE-2023-27943
CVE-2023-23525
CVE-2023-40383
CVE-2023-28189
CVE-2023-28197
CVE-2023-23538
CVE-2023-27962
CVE-2023-23523
CVE-2023-27942
CVE-2023-32362
CVE-2023-27952
CVE-2023-23533
CVE-2023-28178
CVE-2023-27966
CVE-2023-23542
CVE-2023-28192
CVE-2023-28188
CVE-2023-0049
CVE-2023-0051
CVE-2023-0054
CVE-2023-0288
CVE-2023-0433
CVE-2023-0512
CVE-2023-32370
CVE-2023-32435
CVE-2023-27932
CVE-2014-1745
CVE-2023-27944
CVE-2023-23540
CVE-2022-26702

Frequently Asked Questions

What is CVE-2023-27946?
CVE-2023-27946 is a vulnerability that allows for an out-of-bounds read, which can result in unexpected app termination or arbitrary code execution.
How does CVE-2023-27946 affect Apple devices?
CVE-2023-27946 affects various Apple devices including iOS, iPadOS, and macOS.
What is the severity of CVE-2023-27946?
The severity of CVE-2023-27946 is high, with a CVSS score of 7.8.
How can I fix CVE-2023-27946?
To fix CVE-2023-27946, update your device to the latest version of macOS Ventura, iOS, iPadOS, macOS Monterey, or macOS Big Sur as mentioned in the Apple security advisories.
Where can I find more information about CVE-2023-27946?
You can find more information about CVE-2023-27946 in the Apple security advisories: [link1], [link2], [link3].

collector/nvd-latest
agent/type
agent/first-publish-date
collector/apple-support
source/Apple
agent/software-canonical-lookup-request
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/author
agent/description
collector/nvd-api
collector/nvd-index
agent/last-modified-date
agent/softwarecombine
agent/event
agent/tags
agent/references
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple ios
canonical/apple ipados
canonical/apple ipad os
canonical/apple iphone os
canonical/apple macos
version/apple macos/11.0
version/apple macos/12.0
version/apple macos/13.0
canonical/apple macos ventura
canonical/apple macos big sur
canonical/apple macos monterey