CVE-2023-23532

HIGH

iPadOS < 16.4 - Sandbox Escape

Title source: llm
STIX 2.1

Description

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to break out of its sandbox.

References (3)

Core 3
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213670
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213676

Scores

CVSS v3 8.8
EPSS 0.0008
EPSS Percentile 24.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

Status published
Products (3)
apple/ipados < 16.4
apple/iphone_os < 16.4
apple/macos < 13.3
Published May 08, 2023
Tracked Since Feb 18, 2026