First published: Mon Jan 23 2023(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM.
Credit: freshman freshman product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Ipad Os | <16.3 | |
Apple iPhone OS | <16.3 | |
Apple macOS | >=13.0<13.2 | |
Apple macOS Ventura | <13.2 | 13.2 |
Apple iOS | <16.3 | 16.3 |
Apple iPadOS | <16.3 | 16.3 |
Apple iPadOS | <16.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2023-28208 is medium with a severity value of 4.3.
CVE-2023-28208 is a logic issue in Messages that was addressed with improved state management. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM.
CVE-2023-28208 affects macOS Ventura 13.0 to 13.1.1, iOS up to 16.2, and iPadOS up to 16.2.
To fix CVE-2023-28208, update your macOS Ventura to version 13.2, iOS to version 16.3, and iPadOS to version 16.3.
For more information about CVE-2023-28208, you can visit the official Apple support pages: [Support Page 1](https://support.apple.com/en-us/HT213605) and [Support Page 2](https://support.apple.com/en-us/HT213606).