Multiple vulnerabilities in Apple iOS 15 and iPadOS 15



Published: 2023-01-23
Risk: Low
Patch available: YES
Number of vulnerabilities: 5
CVE-ID: CVE-2023-23500, CVE-2023-23504, CVE-2023-23498, CVE-2023-23503, CVE-2023-23505
CWE-ID: CWE-125, CWE-119, CWE-200
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: iPadOS (Operating systems & Components / Operating system), Apple iOS (Operating systems & Components / Operating system)
Vendor: Apple Inc.

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU71445

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23500

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the OS kernel. A local application can trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

iPadOS: 15.0 19A346 - 15.7.2 19H218

Apple iOS: 15.0 19A346 - 15.7.2 19H218

External links

http://support.apple.com/en-us/HT213598


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU71441

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23504

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.


Mitigation

Install the update from the vendor's website.

Vulnerable software versions

iPadOS: 15.0 19A346 - 15.7.2 19H218

Apple iOS: 15.0 19A346 - 15.7.2 19H218

External links

http://support.apple.com/en-us/HT213598


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU71447

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23498

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error in the Mail Drafts implementation when forwarding emails. When forwarding an email from an Exchange account, the quoted original message may be selected from the wrong email, leading to information disclosure.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

iPadOS: 15.0 19A346 - 15.7.2 19H218

Apple iOS: 15.0 19A346 - 15.7.2 19H218

External links

http://support.apple.com/en-us/HT213598


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU71448

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23503

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a logic issue in the Maps application. A local application can bypass Privacy preferences.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

iPadOS: 15.0 19A346 - 15.7.2 19H218

Apple iOS: 15.0 19A346 - 15.7.2 19H218

External links

http://support.apple.com/en-us/HT213598


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU71435

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23505

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a privacy issue in Screen Time. A local application can gain unauthorized access to the user's contact information.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

iPadOS: 15.0 19A346 - 15.7.2 19H218

Apple iOS: 15.0 19A346 - 15.7.2 19H218

External links

http://support.apple.com/en-us/HT213598


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


