PT-2023-6029 · Apple · Tvos+3

0X3C3E

Publicado

2023-09-26

Atualizado

2023-10-12

CVE-2023-40419

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 10 iOS versions prior to 17 tvOS versions prior to 17 iPadOS versions prior to 17

Description The issue is related to insufficient access controls in the Simulator component of the operating systems, which may allow an attacker to gain elevated privileges. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations For watchOS versions prior to 10, update to watchOS 10 to resolve the issue. For iOS versions prior to 17, update to iOS 17 to resolve the issue. For tvOS versions prior to 17, update to tvOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2023-06730

CVE-2023-40419

Produtos afetados

Ios

Ipados

Tvos

Watchos

PT-2023-6029 · Apple · Tvos+3

CVE-2023-40419

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14