CVE-2023-42855
CVE-2023-42855
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.6EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
21 Feb 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to silently persist an Apple ID on an erased device.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Apple · iOS and iPadOS