CVE-2023-23541

LOW

Apple Ipados < 15.7.4 - Denial of Service

Title source: rule

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts.

References (2)

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213673

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213676

Scores

CVSS v3 3.3

EPSS 0.0006

EPSS Percentile 18.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-922

Status published

Products (2)

apple/ipados < 15.7.4

apple/iphone_os < 15.7.4

Published May 08, 2023

Tracked Since Feb 18, 2026