CVE-2023-23531: High severity macos ventura vulnerability

Q: What is the vulnerability ID?

The vulnerability ID is CVE-2023-23531.

Q: What is the severity of CVE-2023-23531?

The severity of CVE-2023-23531 is high with a severity value of 8.6.

Q: Which software versions are affected by CVE-2023-23531?

CVE-2023-23531 affects macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3.

Q: What is the fix for CVE-2023-23531?

The issue has been addressed with improved memory handling in macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3.

Q: Where can I find more information about CVE-2023-23531?

You can find more information about CVE-2023-23531 on the Apple support page: [link](https://support.apple.com/en-us/HT213605)

Published Jan 23, 2023

Updated

Foundation. The issue was addressed with improved memory handling.

Other sources

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

Credit

Austin Emmitt@@alkalinesec, Senior Security Researcher at Trellix Advanced Research Center

Affected Software

6 affected componentsFixes available

macOS Ventura<13.2

13.2

Apple iOS and iPadOS<16.3

16.3

Apple iOS, iPadOS, and macOS<16.3

16.3

Apple iOS, iPadOS, and macOS<16.3

iPhone OS<16.3

macOS<13.2

Event History

Feb 27, 2023

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is the vulnerability ID?

The vulnerability ID is CVE-2023-23531.

What is the severity of CVE-2023-23531?

The severity of CVE-2023-23531 is high with a severity value of 8.6.

Which software versions are affected by CVE-2023-23531?

CVE-2023-23531 affects macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3.

What is the fix for CVE-2023-23531?