CVE-2023-32438

MEDIUM

iPadOS < 16.3 - Privacy Preference Bypass

Title source: llm

Description

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.

References (4)

Core 4

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213599

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213601

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213605

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213606

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 15.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (4)

apple/ipados < 16.3

apple/iphone_os < 16.3

apple/macos 13.0 - 13.2

apple/watchos < 9.3

Published Sep 06, 2023

Tracked Since Feb 18, 2026