CVE-2023-38590

8.8 HIGH

📋 TL;DR

CVE-2023-38590 is a buffer overflow vulnerability in Apple operating systems that allows remote attackers to cause system crashes or corrupt kernel memory. It affects multiple Apple platforms, including iOS, iPadOS, macOS, watchOS, and tvOS. The vulnerability can be exploited without authentication and has high impact potential.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • tvOS
Versions: Releases prior to the security updates listed under Official Fix
Operating Systems: Apple iOS, Apple iPadOS, Apple macOS, Apple watchOS, Apple tvOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. Affects multiple Apple operating system families simultaneously.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to full system compromise, data theft, or persistent backdoor installation

🟠 Likely Case: System crashes (kernel panics) causing denial of service and potential data corruption

🟢 If Mitigated: Limited impact with proper network segmentation and updated systems

🌐 Internet-Facing: HIGH - Remote exploitation possible without authentication
🏢 Internal Only: MEDIUM - Requires network access but could spread internally

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Buffer overflow exploitation requires specific conditions, but remote unauthenticated access makes it dangerous.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8, iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6, iPadOS 16.6, macOS Ventura 13.5

Vendor Advisory: https://support.apple.com/en-us/HT213841

Restart Required: Yes

Instructions:

1. On iOS/iPadOS/watchOS/tvOS, go to Settings > General > Software Update.
2. On macOS, go to System Preferences > Software Update.
3. Install available updates.
4. Restart the device after installation.

🔧 Temporary Workarounds

Network Segmentation (scope: all): Restrict network access to Apple devices from untrusted networks

Disable Unnecessary Services (scope: all): Turn off services that accept remote connections if not needed

🧯 If You Can't Patch

  • Isolate affected devices in separate network segments
  • Implement strict firewall rules to limit inbound connections

🔍 How to Verify

Check if Vulnerable:

Compare the current OS version against the patched versions listed under Official Fix; any earlier release of the same OS family is affected.

Check Version:

  • iOS/iPadOS: Settings > General > About > Version
  • macOS: Apple menu > About This Mac > macOS version
  • macOS Terminal: sw_vers

Verify Fix Applied:

Verify that the installed OS version matches or exceeds the patched version for its OS family listed under Official Fix > Patch Version.
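An added example (not from the original page or from Apple) that automates this check on macOS: it runs sw_vers, as the verification step above suggests, and compares the reported version against the patched releases listed under Official Fix (11.7.9, 12.6.8, 13.5). It assumes that macOS 14 and later ship with the fix and treats majors older than 11 as outside the advisory's scope.

```shell
#!/bin/sh
# Constructed helper for CVE-2023-38590: compare a macOS version string with
# the patched releases from Apple's HT213841 advisory. Not Apple's own tooling.

# vercmp A B: prints -1, 0 or 1 after comparing dotted numeric versions,
# treating missing trailing components as 0 (13.5 == 13.5.0).
vercmp() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai=${a%%.*}; bi=${b%%.*}
    [ "$a" = "$ai" ] && a='' || a=${a#*.}
    [ "$b" = "$bi" ] && b='' || b=${b#*.}
    ai=${ai:-0}; bi=${bi:-0}
    if [ "$ai" -lt "$bi" ]; then echo -1; return; fi
    if [ "$ai" -gt "$bi" ]; then echo 1; return; fi
  done
  echo 0
}

# macos_fix_status VERSION: prints "patched", "vulnerable" or "unsupported".
macos_fix_status() {
  v=$1
  major=${v%%.*}
  case $major in
    11) fixed=11.7.9 ;;   # macOS Big Sur
    12) fixed=12.6.8 ;;   # macOS Monterey
    13) fixed=13.5 ;;     # macOS Ventura
    *)
      # Assumption: releases after 13.5 (macOS 14+) include the fix; majors
      # older than 11 are not covered by the advisory, so report them as such.
      if [ "$major" -gt 13 ] 2>/dev/null; then echo patched; else echo unsupported; fi
      return ;;
  esac
  if [ "$(vercmp "$v" "$fixed")" -ge 0 ]; then echo patched; else echo vulnerable; fi
}

# On a real Mac, check the running system (sw_vers is the command cited above).
if command -v sw_vers >/dev/null 2>&1; then
  running=$(sw_vers -productVersion)
  echo "macOS $running: $(macos_fix_status "$running")"
fi
```

Run it on each Mac in scope, or feed version strings collected by an MDM export into macos_fix_status to triage a fleet.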

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected system restarts
  • Memory corruption errors in system logs

Network Indicators:

  • Unusual network connections to Apple services
  • Traffic patterns matching exploit attempts

SIEM Query:

source="apple_system_logs" AND ("kernel panic" OR "memory corruption" OR "buffer overflow")