CVE-2023-42952

Vulnerability

CVE-2023-42952 is a privacy issue in Apple operating systems that allows an app with root privileges to access private information. The vulnerability exists in the core system components and was addressed with improved checks. Affected versions include iOS and iPadOS prior to 17.1, macOS Monterey prior to 12.7.1, macOS Ventura prior to 13.6.3, and macOS Sonoma prior to 14.1 [2][4].

Exploitation

An attacker must already have an app running with root privileges on the device. No additional user interaction or network access is required beyond the initial compromise that grants root access. The exact exploitation steps are not publicly detailed, but the app can leverage the flaw to bypass privacy protections and access sensitive data.

Impact

Successful exploitation allows the malicious app to access private information, leading to a breach of confidentiality. The attacker gains the ability to read sensitive user data that should be protected from even root-level processes.

Mitigation

Apple has released fixes in iOS 17.1 and iPadOS 17.1 (October 25, 2023), macOS Monterey 12.7.1 (October 25, 2023), macOS Ventura 13.6.3 (December 11, 2023), and macOS Sonoma 14.1 (October 25, 2023) [2][4]. Users should update to the latest available versions. No workarounds have been published, and the issue is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.