Multiple vulnerabilities in Apple watchOS 10
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 42 |
| CVE-ID | CVE-2023-40417 CVE-2023-40403 CVE-2023-40427 CVE-2023-41068 CVE-2023-40456 CVE-2023-40520 CVE-2023-35990 CVE-2023-40452 CVE-2023-40454 CVE-2023-41070 CVE-2023-40419 CVE-2023-41968 CVE-2023-40424 CVE-2023-39434 CVE-2023-41074 CVE-2023-35074 CVE-2023-41073 CVE-2023-40400 CVE-2023-40448 CVE-2023-32361 CVE-2023-40432 CVE-2023-41174 CVE-2023-40409 CVE-2023-40412 CVE-2023-41071 CVE-2023-40399 CVE-2023-40410 CVE-2023-35984 CVE-2023-40429 CVE-2023-41065 CVE-2023-38596 CVE-2023-40420 CVE-2023-32396 CVE-2023-40395 CVE-2023-41981 CVE-2023-41984 CVE-2023-40418 CVE-2023-40414 CVE-2023-40528 CVE-2023-40396 CVE-2023-42957 CVE-2023-42949 |
| CWE-ID | CWE-451 CWE-125 CWE-388 CWE-284 CWE-312 CWE-264 CWE-119 CWE-285 CWE-61 CWE-416 CWE-20 CWE-254 CWE-787 CWE-200 CWE-358 CWE-287 CWE-276 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #29 is available. |
| Vulnerable software |
watchOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 42 vulnerabilities.
1) Spoofing attack
EUVDB-ID: #VU81177
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-40417
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data. A remote attacker can trick the victim to visit a specially crafted website and spoof website content.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU81168
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40403
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in libxslt. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Error Handling
EUVDB-ID: #VU81169
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40427
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improved handling of caches in Maps. A local application can read sensitive location information.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU81206
Risk: Low
CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41068
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in MobileStorageMounter. A local application can bypass implemented security restrictions and escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Cleartext storage of sensitive information
EUVDB-ID: #VU81207
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40456
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to Photos Storage saves edited photos to a temporary directory. A local application can view edited photos.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Cleartext storage of sensitive information
EUVDB-ID: #VU81208
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40520
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to Photos Storage saves edited photos to a temporary directory. A local application can view edited photos.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU81183
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-35990
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improperly imposed security restrictions in Safari. A local application can identify what other apps a user has installed.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU81184
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40452
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to overwrite arbitrary files on the system.
The vulnerability exists due to a boundary error in Sandbox. A local application can trigger memory corruption and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper access control
EUVDB-ID: #VU81166
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40454
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to delete arbitrary files on the system.
The vulnerability exists due to improper access restrictions in libxpc. A local application can delete arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper Authorization
EUVDB-ID: #VU81186
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41070
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper authorization in Share Sheet. A local application can access sensitive data logged when a user shares a link.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU81209
Risk: Low
CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40419
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in Simulator. A local application can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) UNIX symbolic link following
EUVDB-ID: #VU81189
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41968
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local application to read arbitrary files on the system.
The vulnerability exists due to a symlink following issue in StorageKit. A local application can read arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper access control
EUVDB-ID: #VU81191
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40424
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in TCC. A local application can access user-sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Use-after-free
EUVDB-ID: #VU81192
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-39434
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to open a specially crafted website and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU81179
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-41074
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU81180
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-35074
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper Authorization
EUVDB-ID: #VU81167
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41073
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper authorization in libxpc. A local application can gain unauthorized access to protected user data.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Input validation error
EUVDB-ID: #VU81165
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-40400
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input in libpcap. A remote attacker can pass specially crafted input to the system and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Security features bypass
EUVDB-ID: #VU81137
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-40448
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper input validation in App Store. A remote attacker can trick the victim to visit a specially crafted website and break out of Web Content sandbox.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Error Handling
EUVDB-ID: #VU81141
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32361
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to incorrect error handling in AuthKit. A local application can gain access to user-sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Buffer overflow
EUVDB-ID: #VU81138
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40432
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Buffer overflow
EUVDB-ID: #VU81197
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41174
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Buffer overflow
EUVDB-ID: #VU81198
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40409
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU81199
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40412
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Use-after-free
EUVDB-ID: #VU81200
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41071
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error in Apple Neural Engine. A local application can read kernel memory.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Out-of-bounds read
EUVDB-ID: #VU81139
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40399
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Apple Neural Engine. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Out-of-bounds read
EUVDB-ID: #VU81140
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40410
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Apple Neural Engine. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Out-of-bounds write
EUVDB-ID: #VU81142
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-35984
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to a boundary error in Bluetooth implementation. An attacker with physical proximity to the system can send specially crafted traffic to trigger an out-of-bounds write and execute arbitrary code.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Input validation error
EUVDB-ID: #VU81163
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-40429
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input within the OS kernel. A local application can gain access to sensitive user data.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
30) Information disclosure
EUVDB-ID: #VU81145
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41065
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by bootp. A local application can read sensitive location information.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Improperly implemented security check for standard
EUVDB-ID: #VU81147
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-38596
CWE-ID:
CWE-358 - Improperly Implemented Security Check for Standard
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists within the CFNetwork component, which fails to enforce App Transport Security. A local application can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Buffer overflow
EUVDB-ID: #VU81149
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40420
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in CoreAnimation. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Input validation error
EUVDB-ID: #VU81151
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32396
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in Dev Tools. A local application can escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Error Handling
EUVDB-ID: #VU81153
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40395
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper error handling in Game Center. A local application can access contacts.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Security features bypass
EUVDB-ID: #VU81161
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41981
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to improper memory handling. A local user can bypass kernel memory mitigations and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Buffer overflow
EUVDB-ID: #VU81162
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-41984
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper Authentication
EUVDB-ID: #VU81215
Risk: Low
CVSSv4.0: 3.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40418
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass authentication process.
The vulnerability exists in the Passcode feature due to Apple Watch Ultra may not lock when using the Depth app. An attacker with physical access to device can gain unauthorized access to the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: before 10.0
CPE2.3 External linkshttps://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Use-after-free
EUVDB-ID: #VU84764
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-40414
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: 2.0 - 9.6.3
CPE2.3- cpe:2.3:o:apple:watchos:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:7.6.2:18U80:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:8.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:9.6.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Security features bypass
EUVDB-ID: #VU85679
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40528
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to an error within the Core Data component. A local application can bypass Privacy preferences.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 2.0 - 9.6.3
CPE2.3- cpe:2.3:o:apple:watchos:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:7.6.2:18U80:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:8.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:9.6.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Buffer overflow
EUVDB-ID: #VU94677
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40396
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in IOUserEthernet. A local user can trigger memory corruption and execute arbitrary code with kernel privileges.
Install update from vendor's website.
Vulnerable software versionswatchOS: 2.0 - 9.6.3
CPE2.3- cpe:2.3:o:apple:watchos:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:7.6.2:18U80:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:8.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:9.6.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Information disclosure
EUVDB-ID: #VU94678
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-42957
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a malicious application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the Maps application. A malicious application can read sensitive location information.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 2.0 - 9.6.3
CPE2.3- cpe:2.3:o:apple:watchos:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:7.6.2:18U80:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:8.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:9.6.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Incorrect default permissions
EUVDB-ID: #VU94680
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-42949
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local application to access photos saved to temporary directory.
The vulnerability exists due to incorrect default permissions in Photos. A local application can access edited photos saved to a temporary directory.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 2.0 - 9.6.3
CPE2.3- cpe:2.3:o:apple:watchos:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:7.6.2:18U80:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:8.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:9.6.3:*:*:*:*:*:*:*
https://support.apple.com/en-us/HT213937
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
