CVE-2023-40413 | Vulnerability Database | Aqua Security

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information.

Affected Software

Name	Vendor	Start Version	End Version
Ipados	Apple	*	16.7.2 (excluding)
Ipados	Apple	17.0 (including)	17.1 (excluding)
Iphone_os	Apple	*	16.7.2 (excluding)
Iphone_os	Apple	17.0 (including)	17.1 (excluding)
Macos	Apple	12.0.0 (including)	12.7.1 (excluding)
Macos	Apple	13.0 (including)	13.6.1 (excluding)
Macos	Apple	14.0 (including)	14.1 (excluding)
Watchos	Apple	*	10.1 (excluding)

References

http://seclists.org/fulldisclosure/2023/Oct/19
http://seclists.org/fulldisclosure/2023/Oct/21
http://seclists.org/fulldisclosure/2023/Oct/23
http://seclists.org/fulldisclosure/2023/Oct/24
http://seclists.org/fulldisclosure/2023/Oct/25
http://seclists.org/fulldisclosure/2023/Oct/26
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213988
https://support.apple.com/kb/HT213981
https://support.apple.com/kb/HT213982
https://support.apple.com/kb/HT213983
https://support.apple.com/kb/HT213984
https://support.apple.com/kb/HT213985
https://support.apple.com/kb/HT213988
http://seclists.org/fulldisclosure/2023/Oct/19
http://seclists.org/fulldisclosure/2023/Oct/21
http://seclists.org/fulldisclosure/2023/Oct/23
http://seclists.org/fulldisclosure/2023/Oct/24
http://seclists.org/fulldisclosure/2023/Oct/25
http://seclists.org/fulldisclosure/2023/Oct/26
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213988
https://support.apple.com/kb/HT213981
https://support.apple.com/kb/HT213982
https://support.apple.com/kb/HT213983
https://support.apple.com/kb/HT213984
https://support.apple.com/kb/HT213985
https://support.apple.com/kb/HT213988

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-40413
CWE	https://cwe.mitre.org/data/definitions/.html