CVE-2023-42845
First published: Wed Oct 25 2023(Updated: )
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. Photos in the Hidden Photos Album may be viewed without authentication.
Credit: Bistrit Dahla Bistrit Dahla product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <17.1 | 17.1 |
| Apple iPadOS | <17.1 | 17.1 |
| Apple macOS Sonoma | <14.1 | 14.1 |
| Apple iPadOS | >=17.0<17.1 | |
| Apple iPhone OS | >=17.0<17.1 | |
| Apple macOS | >=14.0<14.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-42952
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-42928
- CVE-2023-40413
- CVE-2023-42834
- CVE-2023-42953
- CVE-2023-40416
- CVE-2023-42848
- CVE-2023-40423
- CVE-2023-42849
- CVE-2023-40446
- CVE-2023-42942
- CVE-2023-40408
- CVE-2023-42846
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42873
- CVE-2023-42951
- CVE-2023-42836
- CVE-2023-42839
- CVE-2023-42855
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-40445
- CVE-2023-41254
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-42939
- CVE-2023-41983
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42945
- CVE-2023-41989
- CVE-2023-42854
- CVE-2023-42844
- CVE-2023-38403
- CVE-2023-42850
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-42856
- CVE-2023-40404
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42889
- CVE-2023-42838
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-41975
- CVE-2023-42858
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2023-42845.
What is the title of this vulnerability?
The title of this vulnerability is 'Photos. An authentication issue was addressed with improved state management.'
How can this vulnerability be exploited?
This vulnerability allows viewing Photos in the Hidden Photos Album without authentication.
Which Apple products are affected by this vulnerability?
macOS Sonoma 14.1, iOS 17.1, and iPadOS 17.1 are affected by this vulnerability.
How can I fix this vulnerability?
To fix this vulnerability, update to macOS Sonoma 14.1, iOS 17.1, or iPadOS 17.1.
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple ios
- canonical/apple ipados
- version/apple ipados/17.0
- canonical/apple iphone os
- version/apple iphone os/17.0
- canonical/apple macos
- version/apple macos/14.0
- canonical/apple macos sonoma