First published: Mon Jan 23 2023(Updated: )
AppleMobileFileIntegrity. This issue was addressed with improved checks to prevent unauthorized actions.
Credit: Csaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t product-security@apple.com Csaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Csaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Csaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Ipad Os | <16.3 | |
Apple iPhone OS | <16.3 | |
Apple macOS | >=13.0<13.2 | |
Apple watchOS | <9.3 | |
Apple watchOS | <9.3 | 9.3 |
Apple macOS Ventura | <13.2 | 13.2 |
Apple tvOS | <16.3 | 16.3 |
Apple iOS | <16.3 | 16.3 |
Apple iPadOS | <16.3 | 16.3 |
Apple iPadOS | <16.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2023-32438 is medium with a severity value of 5.5.
CVE-2023-32438 was fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3, and iPadOS 16.3 with improved checks to prevent unauthorized actions.
CVE-2023-32438 affects watchOS up to version 9.3, macOS Ventura up to version 13.2, tvOS up to version 16.3, iOS up to version 16.3, and iPadOS up to version 16.3.
CVE-2023-32438 allows an app to bypass Privacy preferences.
More information about CVE-2023-32438 can be found on the Apple support website: [Apple Support](https://support.apple.com/en-us/HT213599), [Apple Support](https://support.apple.com/en-us/HT213605), [Apple Support](https://support.apple.com/en-us/HT213601).