This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
The issue results from improper validation of symbolic links (CWE-59 — Improper Link Resolution Before File Access). A malicious or compromised application can create or exploit symlinks pointing to protected areas of the file system, to which it would normally not have access permissions. Apple resolved the issue by introducing enhanced symlink validation during file path resolution.
An attacker or malicious application can gain unauthorized access to protected user data, which may lead to disclosure of sensitive information, its modification, or destruction.
Systems must be immediately updated to the following versions: iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, or macOS Ventura 13.7.7. Patches are available through Apple's system update mechanism and the manufacturer's support pages referenced in the references.
Apple iPadOS in versions prior to 17.7.9, macOS Sequoia in versions prior to 15.6, macOS Sonoma in versions prior to 14.7.7, macOS Ventura in versions prior to 13.7.7.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple iPadOS
OSApple< 17.7.9Apple macOS
OSApple< 13.7.714.0 – 14.7.7 (bez)15.0 – 15.6 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki