CVE-2023-42922

Name of the Vulnerable Software and Affected Versions macOS versions prior to 14.2 macOS versions prior to 13.6.3 macOS versions prior to 12.7.2 iOS versions prior to 17.2 iOS versions prior to 16.7.3 iPadOS versions prior to 17.2 iPadOS versions prior to 16.7.3 tvOS (affected versions not specified)

Description The issue is related to insufficient protection of service data in the Find My component of macOS, iOS, iPadOS, and tvOS operating systems. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information. An app may be able to read sensitive location information due to this issue.

Recommendations For macOS versions prior to 14.2, update to macOS Sonoma 14.2. For macOS versions prior to 13.6.3, update to macOS Ventura 13.6.3. For macOS versions prior to 12.7.2, update to macOS Monterey 12.7.2. For iOS versions prior to 17.2, update to iOS 17.2. For iOS versions prior to 16.7.3, update to iOS 16.7.3. For iPadOS versions prior to 17.2, update to iPadOS 17.2. For iPadOS versions prior to 16.7.3, update to iPadOS 16.7.3. As a temporary workaround for tvOS, consider restricting access to sensitive location information until a patch is available.