CVE-2023-27930

HIGH

Apple Ipados < 16.5 - Type Confusion

Title source: rule

Description

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges.

References (4)

Core 4

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213757

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213758

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213761

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213764

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 18.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-843

Status published

Products (5)

apple/ipados < 16.5

apple/iphone_os < 16.5

apple/macos 13.0 - 13.4

apple/tvos < 16.5

apple/watchos < 9.5

Published Jun 23, 2023

Tracked Since Feb 18, 2026