Home

CVE-2017-7023

Description

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the Kernel component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.493

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Apple iTunes (X64) 12.6.1Windows
Multiple vulnerabilities affected in Apple iTunes 12.6.1Windows
Multiple vulnerabilities affected in iCloud 6.2.1Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.6.1Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.6.1Windows
Vulnerabilities CVE-2017-7022,CVE-2017-7023,CVE-2017-7024,CVE-2017-7025 are affected in iCloud 6.2.1Windows
Multiple Vulnerabilities are affected in Apple Safari 10.1.1Mac
Vulnerabilities CVE-2017-7022,CVE-2017-7023,CVE-2017-7024,CVE-2017-7025 are affected in Apple Safari for MAC 10.1.1Mac
Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.6.1Mac
Multiple Vulnerabilities are affected in Apple Safari for MAC 10.1.1Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-342817Apple iTunes (X64) (12.13.4.4)
PATCH-342816Apple iTunes (12.13.4.4)
PATCH-316162iCloud (7.21.0.23) (Deployment-Only)
PATCH-611604Apple Safari for MAC (MacOS Sonoma) (18.6)
PATCH-611604Apple Safari for MAC (MacOS Sonoma) (18.6)
PATCH-611604Apple Safari for MAC (MacOS Sonoma) (18.6)
PATCH-316162iCloud (7.21.0.23) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234