CVE-2023-42836
First published: Wed Oct 25 2023(Updated: )
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory.
Credit: Yiğit Can YILMAZ @yilmazcanyigit product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Monterey | <12.7.2 | 12.7.2 |
| Apple macOS | <14.1 | 14.1 |
| Apple macOS | <13.6.3 | 13.6.3 |
| iPadOS | <17.1 | |
| Apple iPhone OS | <17.1 | |
| Apple macOS | >=12.0<12.7.2 | |
| Apple macOS | >=13.0<13.6.3 | |
| Apple macOS | =14.0 | |
| Apple iOS | <17.1 | 17.1 |
| iPadOS | <17.1 | 17.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-42919
- CVE-2023-42894
- CVE-2023-42896
- CVE-2023-42886
- CVE-2023-42931
- CVE-2023-41989
- CVE-2023-42892
- CVE-2023-42922
- CVE-2023-42834
- CVE-2023-42899
- CVE-2023-42891
- CVE-2023-42974
- CVE-2023-42914
- CVE-2023-42893
- CVE-2023-3618
- CVE-2020-19185
- CVE-2020-19186
- CVE-2020-19187
- CVE-2020-19188
- CVE-2020-19189
- CVE-2020-19190
- CVE-2023-42838
- CVE-2023-42836
- CVE-2023-42936
- CVE-2023-42930
- CVE-2023-42932
- CVE-2023-42947
- CVE-2023-5344
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42952
- CVE-2023-42945
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-42854
- CVE-2023-40413
- CVE-2023-42844
- CVE-2023-42953
- CVE-2023-40416
- CVE-2023-42848
- CVE-2023-40423
- CVE-2023-38403
- CVE-2023-42849
- CVE-2023-42850
- CVE-2023-40446
- CVE-2023-42942
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40408
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-42856
- CVE-2023-40404
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42889
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42873
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-42839
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-41254
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-41983
- CVE-2023-41975
- CVE-2023-42858
- CVE-2023-42924
- CVE-2023-42884
- CVE-2023-42928
- CVE-2023-42846
- CVE-2023-42951
- CVE-2023-42855
- CVE-2023-40445
- CVE-2023-42939
Frequently Asked Questions
What is the severity of CVE-2023-42836?
CVE-2023-42836 is considered to have a medium severity due to the potential for unauthorized access to connected network volumes.
How do I fix CVE-2023-42836?
To fix CVE-2023-42836, upgrade your device to iOS 17.1, iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, or macOS Monterey 12.7.2.
What systems are affected by CVE-2023-42836?
CVE-2023-42836 affects iOS versions prior to 17.1, iPadOS versions prior to 17.1, and various macOS versions prior to their respective fix releases.
Is there a workaround for CVE-2023-42836?
There is no specific workaround available for CVE-2023-42836; the recommended solution is to update the software.
Who fixed CVE-2023-42836?
CVE-2023-42836 was addressed by Apple in their recent update releases.
- agent/first-publish-date
- agent/type
- agent/description
- agent/event
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/trending
- agent/software-canonical-lookup-request
- agent/source
- agent/author
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- vendor/apple
- canonical/apple macos monterey
- canonical/apple macos
- canonical/ipados
- canonical/apple iphone os
- version/apple macos/12.0
- version/apple macos/13.0
- version/apple macos/14.0
- canonical/apple ios