CVE-2023-42878
First published: Wed Oct 25 2023(Updated: )
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.
Credit: Kirin @Pwnrin SecuRingWojciech Regula SecuRing Computer ScienceCristian Dinca Computer ScienceRomania Kirin @Pwnrin SecuRingWojciech Regula SecuRing Computer ScienceCristian Dinca Computer ScienceRomania Kirin @Pwnrin SecuRingWojciech Regula SecuRing Computer ScienceCristian Dinca Computer ScienceRomania product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <14.1 | 14.1 |
| watchOS | <10.1 | 10.1 |
| iPadOS | <17.1 | |
| Apple iPhone OS | <17.1 | |
| Apple macOS | =14.0 | |
| watchOS | <10.1 | |
| Apple iOS | <17.1 | 17.1 |
| iPadOS | <17.1 | 17.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42952
- CVE-2023-42945
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-41989
- CVE-2023-42854
- CVE-2023-40413
- CVE-2023-42834
- CVE-2023-42844
- CVE-2023-42953
- CVE-2023-40416
- CVE-2023-42848
- CVE-2023-40423
- CVE-2023-38403
- CVE-2023-42849
- CVE-2023-42850
- CVE-2023-40446
- CVE-2023-42942
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40408
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-42856
- CVE-2023-40404
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42889
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42873
- CVE-2023-42838
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-42836
- CVE-2023-42839
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-41254
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-41983
- CVE-2023-41975
- CVE-2023-42858
- CVE-2023-42846
- CVE-2023-42928
- CVE-2023-42951
- CVE-2023-42855
- CVE-2023-40445
- CVE-2023-42939
Frequently Asked Questions
What is the severity of CVE-2023-42878?
CVE-2023-42878 is classified as a privacy vulnerability that could allow unauthorized access to sensitive user data.
How do I fix CVE-2023-42878?
To fix CVE-2023-42878, update your affected devices to iOS 17.1, iPadOS 17.1, macOS Sonoma 14.1, or watchOS 10.1.
Which devices are affected by CVE-2023-42878?
CVE-2023-42878 affects devices running iOS up to 17.0, iPadOS up to 17.0, macOS 14.0, and watchOS up to 10.0.
What type of issue is CVE-2023-42878?
CVE-2023-42878 is a privacy issue related to insufficient redaction of sensitive data in log entries.
What does CVE-2023-42878 allow unauthorized apps to do?
CVE-2023-42878 may allow unauthorized apps to access sensitive user data via the Share Sheet.
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/trending
- agent/source
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/references
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- vendor/apple
- canonical/apple macos
- canonical/watchos
- canonical/ipados
- canonical/apple iphone os
- version/apple macos/14.0
- canonical/apple ios