← back
CVE-2023-40438

CVE-2023-40438

CVSS 5.5 MEDIUMEPSS 0.2%CWE-379
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
10 Jan 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
Apple · iOS and iPadOSApple · macOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/en-us/HT213927https://support.apple.com/en-us/HT213940https://support.apple.com/kb/HT213927https://support.apple.com/kb/HT213940