{"api_version":"1","generated_at":"2026-04-23T08:40:57+00:00","cve":"CVE-2023-41232","urls":{"html":"https://cve.report/CVE-2023-41232","api":"https://cve.report/api/cve/CVE-2023-41232.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-41232","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-41232"},"summary":{"title":"CVE-2023-41232","description":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2023-09-27 15:19:00","updated_at":"2023-11-07 04:20:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT213927","name":"https://support.apple.com/en-us/HT213927","refsource":"MISC","tags":[],"title":"About the security content of iOS 16.7 and iPadOS 16.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/4","name":"http://seclists.org/fulldisclosure/2023/Oct/4","refsource":"","tags":[],"title":"Full Disclosure: APPLE-SA-09-26-2023-3 Additional information for APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/5","name":"http://seclists.org/fulldisclosure/2023/Oct/5","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-09-26-2023-4 Additional information for APPLE-SA-2023-09-21-6 macOS Ventura 13.6","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213931","name":"https://support.apple.com/en-us/HT213931","refsource":"MISC","tags":[],"title":"About the security content of macOS Ventura 13.6 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213938","name":"https://support.apple.com/en-us/HT213938","refsource":"MISC","tags":[],"title":"About the security content of iOS 17 and iPadOS 17 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/6","name":"http://seclists.org/fulldisclosure/2023/Oct/6","refsource":"","tags":[],"title":"Full Disclosure: APPLE-SA-09-26-2023-5 Additional information for APPLE-SA-2023-09-21-7 macOS Monterey 12.7","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213932","name":"https://support.apple.com/en-us/HT213932","refsource":"MISC","tags":[],"title":"About the security content of macOS Monterey 12.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-41232","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41232","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"41232","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"41232","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"41232","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-41232","qid":"610510","title":"Apple iOS 16.7 and iPadOS 16.7 Security Update Missing"},{"cve":"CVE-2023-41232","qid":"610525","title":"Apple iOS 17 and iPadOS 17 Security Update Missing (HT213938)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-41232","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"An app may be able to disclose kernel memory"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"17"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"12.7"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.apple.com/en-us/HT213938","refsource":"MISC","name":"https://support.apple.com/en-us/HT213938"},{"url":"https://support.apple.com/en-us/HT213932","refsource":"MISC","name":"https://support.apple.com/en-us/HT213932"},{"url":"https://support.apple.com/en-us/HT213927","refsource":"MISC","name":"https://support.apple.com/en-us/HT213927"},{"url":"https://support.apple.com/en-us/HT213931","refsource":"MISC","name":"https://support.apple.com/en-us/HT213931"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/5","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2023/Oct/5"}]}},"nvd":{"publishedDate":"2023-09-27 15:19:00","lastModifiedDate":"2023-11-07 04:20:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"16.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"16.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndExcluding":"12.7","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}