CVE-2023-42953
First published: Wed Oct 25 2023(Updated: )
A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.
Credit: Michael (Biscuit) Thomas - @social.lol @biscuit product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <14.1 | 14.1 |
| watchOS | <10.1 | 10.1 |
| tvOS | <17.1 | 17.1 |
| iPadOS | <17.1 | |
| Apple iPhone OS | <17.1 | |
| Apple macOS | =14.0 | |
| tvOS | <17.1 | |
| watchOS | <10.1 | |
| Apple iOS | <17.1 | 17.1 |
| iPadOS | <17.1 | 17.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213987 (Advisory)
- https://support.apple.com/en-us/HT213984 (Advisory)
- https://support.apple.com/en-us/HT213988 (Advisory)
- https://support.apple.com/en-us/HT213982 (Advisory)
- https://support.apple.com/kb/HT213988
- https://support.apple.com/kb/HT213987
- https://support.apple.com/kb/HT213982
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42952
- CVE-2023-42945
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-41989
- CVE-2023-42854
- CVE-2023-40413
- CVE-2023-42834
- CVE-2023-42844
- CVE-2023-42953
- CVE-2023-40416
- CVE-2023-42848
- CVE-2023-40423
- CVE-2023-38403
- CVE-2023-42849
- CVE-2023-42850
- CVE-2023-40446
- CVE-2023-42942
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40408
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-42856
- CVE-2023-40404
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42889
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42873
- CVE-2023-42838
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-42836
- CVE-2023-42839
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-41254
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-41983
- CVE-2023-41975
- CVE-2023-42858
- CVE-2023-42846
- CVE-2023-42928
- CVE-2023-42951
- CVE-2023-42855
- CVE-2023-40445
- CVE-2023-42939
Frequently Asked Questions
What is the severity of CVE-2023-42953?
CVE-2023-42953 has been classified as a permissions issue that could allow an app to access sensitive user data.
How do I fix CVE-2023-42953?
To resolve CVE-2023-42953, update your device to tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1, or iPadOS 17.1.
What products are affected by CVE-2023-42953?
CVE-2023-42953 affects Apple iOS, iPadOS, macOS Sonoma, tvOS, and watchOS prior to their respective fixed versions.
When was the issue in CVE-2023-42953 fixed?
The issue described in CVE-2023-42953 was addressed in the updates released on October 25, 2023.
Can CVE-2023-42953 lead to a data breach?
Yes, CVE-2023-42953 can potentially lead to unauthorized access to sensitive user data if not mitigated by the mentioned updates.
- agent/first-publish-date
- agent/type
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/trending
- agent/source
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- agent/tags
- vendor/apple
- canonical/apple macos
- canonical/watchos
- canonical/tvos
- canonical/ipados
- canonical/apple iphone os
- version/apple macos/14.0
- canonical/apple ios