T
his issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/HT213981 | Vendor Advisory |
| https://support.apple.com/en-us/HT213982 | Vendor Advisory |
| https://support.apple.com/en-us/HT213984 | Vendor Advisory |
| https://support.apple.com/en-us/HT213985 | Vendor Advisory |
| https://support.apple.com/en-us/HT213987 | Vendor Advisory |
| https://support.apple.com/en-us/HT213988 | Vendor Advisory |
| https://support.apple.com/en-us/HT213981 | Vendor Advisory |
| https://support.apple.com/en-us/HT213982 | Vendor Advisory |
| https://support.apple.com/en-us/HT213984 | Vendor Advisory |
| https://support.apple.com/en-us/HT213985 | Vendor Advisory |
| https://support.apple.com/en-us/HT213987 | Vendor Advisory |
| https://support.apple.com/en-us/HT213988 | Vendor Advisory |
| https://support.apple.com/kb/HT213982 | |
| https://support.apple.com/kb/HT213984 | |
| https://support.apple.com/kb/HT213988 |
Configurations
Configuration 1 (hide)
|
History
04 Nov 2025, 20:17
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
12 Dec 2024, 14:26
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apple ipad Os
Apple tvos Apple iphone Os Apple watchos Apple ipados Apple Apple macos |
|
| CWE | CWE-59 | |
| CPE | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:* cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:17.0:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
| References | () https://support.apple.com/en-us/HT213981 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT213982 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT213984 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT213985 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT213987 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT213988 - Vendor Advisory |
21 Nov 2024, 08:23
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.apple.com/en-us/HT213981 - | |
| References | () https://support.apple.com/en-us/HT213982 - | |
| References | () https://support.apple.com/en-us/HT213984 - | |
| References | () https://support.apple.com/en-us/HT213985 - | |
| References | () https://support.apple.com/en-us/HT213987 - | |
| References | () https://support.apple.com/en-us/HT213988 - |
27 Aug 2024, 16:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
Information
Published : 2024-02-21 07:15
Updated : 2025-11-04 20:17
NVD link : CVE-2023-42942
Mitre link : CVE-2023-42942
CVE.ORG link : CVE-2023-42942
JSON object : View
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')