CVE-2023-42925

LOW

iPadOS < 17.0 - Unauthorized Access to Notes Attachments

Title source: llm

Description

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments.

References (2)

Core 2

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213938

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213940

Scores

CVSS v3 3.3

EPSS 0.0013

EPSS Percentile 31.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (3)

apple/ipados < 17.0

apple/iphone_os < 17.0

apple/macos < 14.0

Published Jul 29, 2024

Tracked Since Feb 18, 2026