First published: Mon Mar 27 2023(Updated: )
Accessibility. A privacy issue was addressed with improved private data redaction for log entries.
Credit: product-security@apple.com Meysam Firouzi @R00tkitSMM Mbition Mercedesjzhu Trend Micro Zero Day InitiativePan ZhenPeng @Peterpan0927 STAR Labs SG PtePan ZhenPeng STAR Labs SG PteZechao Cai @Zech4o Zhejiang UniversityAdam Doupé ASU SEFCOMsqrtpwn Félix Poulin-Bélanger David Pan Ogea an anonymous researcher Red CanaryBrandon Dalton @partyD0lphin Red CanaryMilan Tenk F FArthur Valiev FMickey Jin @patch1t Zweig Kunlun LabAbhay Kailasia @abhay_kailasia Lakshmi Narain College Of Technology BhopalZhuowei Zhang developStorm Anton Spivak Yiğit Can YILMAZ @yilmazcanyigit Jubaer Alnazi Jabin TRS Group Of Companies Alibaba GroupWenchao Li Alibaba GroupXiaolong Bai Alibaba GroupXin Huang @11iaxH Gertjan Franken imecKU Leuven hazbinhotel Trend Micro Zero Day InitiativeHyeon Park @tree_segment Team ApplePIEGeorgy Kucherin @kucher1n KasperskyLeonid Bezvershenko @bzvr_ KasperskyBoris Larin @oct0xor Kaspersky KasperskyValentin Pashkov Kasperskyan anonymous researcher Anonymous Trend Micro Zero Day InitiativeDohyun Lee @l33d0hyun SSD Labscrixer @pwning_me SSD LabsAdam M. Mohamed GHANNAM @_simo36 Mohamed GHANNAM Mohamed Ghannam @_simo36 Rıza Sabuncu @rizasabuncu Itay Iellin General Motors Product Cyber SecurityJeongOhKyea Jianjun Dai 360 Vulnerability Research InstituteGuang Gong 360 Vulnerability Research InstituteTingting Yin Tsinghua UniversityYe Zhang @VAR10CK Baidu SecurityJubaer Alnazi TRS Group of CompaniesCsaba Fitzl @theevilbit Offensive Securityryuzaki Murray Mike Arsenii Kostromin (0x3c3e) Xinru Chi Pangu LabNed Williamson Google Project ZeroJoshua Jones Khiem Tran Mickey Jin @patch1t FFRI Security IncKoh M. Nakagawa FFRI Security Inc Offensive SecurityMasahiro Kawada @kawakatz GMO Cybersecurity by IeraeGuilherme Rambo Best Buddy AppsCVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 CVE-2023-0512 Aleksandar Nikolic Cisco TalosMikko Kenttälä ) @Turmio_ SensorFuChan Shue Long Offensive SecurityJunoh Lee at Theori CVE-2022-43551 CVE-2022-43552 ABC Research s.r.o.
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and macOS | >=13.0<13.3 | |
Apple iOS, iPadOS, and watchOS | <16.4 | 16.4 |
Apple iOS, iPadOS, and watchOS | <16.4 | 16.4 |
macOS Ventura | <13.3 | 13.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The severity of CVE-2023-28187 is medium with a severity value of 6.5.
CVE-2023-28187 was fixed with improved state management in macOS Ventura 13.3.
The affected software for CVE-2023-28187 is Apple macOS Ventura version up to exclusive 13.3.
CVE-2023-28187 can be exploited by a user to cause a denial-of-service.
More information about CVE-2023-28187 can be found at the following references: [Support Article 1](https://support.apple.com/en-us/HT213670), [Support Article 2](https://support.apple.com/kb/HT213670).