{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23525", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "dateUpdated": "2024-08-02T10:35:33.287Z", "dateReserved": "2023-01-12T00:00:00", "datePublished": "2023-05-08T00:00:00"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to gain root privileges"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "13.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "16.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "11.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to gain root privileges."}], "references": [{"url": "https://support.apple.com/en-us/HT213670"}, {"url": "https://support.apple.com/en-us/HT213676"}, {"url": "https://support.apple.com/en-us/HT213675"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2023-07-27T03:45:29.410Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:35:33.287Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213670", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213676", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213675", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE", "versionEndExcluding": "16.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87", "versionEndExcluding": "16.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB", "versionEndExcluding": "13.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to gain root privileges."}], "id": "CVE-2023-23525", "lastModified": "2024-11-21T07:46:21.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-08T20:15:16.170", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213670"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/HT213675"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/en-us/HT213675"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213676"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}