First published: Mon Mar 27 2023(Updated: )
ColorSync. The issue was addressed with improved checks.
Credit: JeongOhKyea JeongOhKyea JeongOhKyea JeongOhKyea JeongOhKyea product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple tvOS | <16.4 | 16.4 |
Apple Ipad Os | <16.4 | |
Apple iPhone OS | <16.4 | |
Apple macOS | >=11.0<11.7.5 | |
Apple macOS | >=12.0<12.6.4 | |
Apple macOS | >=13.0<13.3 | |
Apple macOS Ventura | <13.3 | 13.3 |
Apple iOS | <16.4 | 16.4 |
Apple iPadOS | <16.4 | 16.4 |
Apple macOS Monterey | <12.6.4 | 12.6.4 |
Apple macOS Big Sur | <11.7.5 | 11.7.5 |
Apple iPadOS | <16.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-27955 is a vulnerability in ColorSync that allows an app to read arbitrary files.
CVE-2023-27955 has a severity rating of medium (5.5).
CVE-2023-27955 is fixed in various versions of macOS Ventura, iOS, iPadOS, macOS Monterey, tvOS, and macOS Big Sur. Please refer to Apple's support page for specific versions and details.
CVE-2023-27955 affects Apple tvOS, iOS, iPadOS, macOS, macOS Big Sur, macOS Ventura, and macOS Monterey. Please refer to Apple's support page for specific versions affected.
You can find more information about CVE-2023-27955 on Apple's support page. The links are: [1](https://support.apple.com/en-us/HT213675), [2](https://support.apple.com/en-us/HT213670), [3](https://support.apple.com/en-us/HT213676).