← back
CVE-2023-27963

CVE-2023-27963

CVSS 7.5 HIGHEPSS 0.8%CWE-862
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 May 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without prompting the user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Apple · iOS and iPadOSApple · macOSApple · tvOSApple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/en-us/HT213670https://support.apple.com/en-us/HT213673https://support.apple.com/en-us/HT213674https://support.apple.com/en-us/HT213676https://support.apple.com/en-us/HT213677https://support.apple.com/en-us/HT213678