{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-32404","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-02-13T16:50:59.153Z","dateReserved":"2023-05-08T00:00:00.000Z","datePublished":"2023-06-23T00:00:00.000Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to bypass Privacy preferences"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"13.4","versionType":"custom"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"unspecified","status":"affected","lessThan":"9.5","versionType":"custom"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"unspecified","status":"affected","lessThan":"16.5","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences."}],"references":[{"url":"https://support.apple.com/en-us/HT213758"},{"url":"https://support.apple.com/en-us/HT213764"},{"url":"https://support.apple.com/en-us/HT213757"},{"url":"https://support.apple.com/kb/HT213761"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2023-09-06T07:06:25.060Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T15:18:36.695Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213758","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213764","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213757","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT213761","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-276","lang":"en","description":"CWE-276 Incorrect Default Permissions"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-05T15:53:26.171359Z","id":"CVE-2023-32404","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-05T15:53:55.697Z"}}]}}