Main Vulnerability Database Vulnerabilities #VU109447

#VU109447 Improper Authentication in Apple iOS and iPadOS - CVE-2023-42973

Published: May 20, 2025

Vulnerability identifier: #VU109447

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-42973

CWE-ID: CWE-287

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Apple iOS
iPadOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an error in the user interface that allows accessing Safari private browser tabs without authentication. An attacker with physical access to the system can gain access to private browser tabs.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/120949

#VU109447 Improper Authentication in Apple iOS and iPadOS - CVE-2023-42973

Description

Remediation

External links

Please verify you're human