Icloud Gatekeeper Vulnerability

Icloud Gatekeeper Vulnerability

On May 11, 2023 An Icloud Gatekeeper Vulnerability has been released.

Files shared by iCloud shared-by-me folder may bypass Gatekeeper according to the vulnerability report. The issue is addressed with additional checks by Gatekeeper on the files which are shared by Icloud shared-by-me folder. The problem is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. (CVE-2023-23526)

Affected Systems

• cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*Up to (excluding) 16.4
• cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*Up to (excluding) 16.4
• cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*Up to (excluding) 13.3

IoC’s

-

Recommended Solution(s)

-

Mitigations

-

CVE / CWE

CVE-2023-23526

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2023-23526
• https://support.apple.com/en-us/HT213670
• https://support.apple.com/en-us/HT213676

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.