CVE-2023-42834

MEDIUM

iPadOS < 17.1 - Unprotected User Data Exposure via File Handling Issue

Title source: llm

Description

A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

References (10)

Core 10

Core References

Vendor Advisory

https://support.apple.com/en-us/HT213982

Vendor Advisory

https://support.apple.com/en-us/HT213984

Vendor Advisory

https://support.apple.com/en-us/HT213988

Vendor Advisory

https://support.apple.com/en-us/HT214037

Vendor Advisory

https://support.apple.com/en-us/HT214038

Vendor Advisory

https://support.apple.com/kb/HT213982

Vendor Advisory

https://support.apple.com/kb/HT213984

Vendor Advisory

https://support.apple.com/kb/HT213988

Vendor Advisory

https://support.apple.com/kb/HT214037

Vendor Advisory

https://support.apple.com/kb/HT214038

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 6.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (5)

apple/ipad_os < 17.1

apple/iphone_os < 17.1

apple/macos 14.0

apple/macos 12.0 - 12.7.2

apple/watchos < 10.1

Published Feb 21, 2024

Tracked Since Feb 18, 2026