About the security content of iOS 17 and iPadOS 17

This document describes the security content of iOS 17 and iPadOS 17.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

iOS 17 and iPadOS 17

Released September 18, 2023

Accessibility

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: A person with physical access to a device may be able to use VoiceOver to access private calendar information

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-40529: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal

Entry added December 22, 2023

Airport

Impact: An app may be able to read sensitive location information

Description: A permissions issue was addressed with improved redaction of sensitive information.

CVE-2023-40384: Adam M.

App Store

Impact: A remote attacker may be able to break out of Web Content sandbox

Description: The issue was addressed with improved handling of protocols.

CVE-2023-40448: w0wbox

AppleMobileFileIntegrity

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with additional permissions checks.

CVE-2023-42872: Mickey Jin (@patch1t)

Entry added December 22, 2023

Apple Neural Engine

Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-40432: Mohamed GHANNAM (@_simo36)

CVE-2023-41174: Mohamed GHANNAM (@_simo36)

CVE-2023-40409: Ye Zhang (@VAR10CK) of Baidu Security

CVE-2023-40412: Mohamed GHANNAM (@_simo36)

CVE-2023-42871: Mohamed GHANNAM (@_simo36)

Entry updated December 22, 2023

Apple Neural Engine

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-41071: Mohamed GHANNAM (@_simo36)

Apple Neural Engine

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2023-40399: Mohamed GHANNAM (@_simo36)

Apple Neural Engine

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-40410: Tim Michaud (@TimGMichaud) of Moveworks.ai

Ask to Buy

Impact: An app may be able to access protected user data

Description: The issue was addressed with improved checks.

CVE-2023-38612: Chris Ross (Zoom)

Entry added December 22, 2023

AuthKit

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved handling of caches.

CVE-2023-32361: Csaba Fitzl (@theevilbit) of Offensive Security

Biometric Authentication

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-41232: Liang Wei of PixiePoint Security

Bluetooth

Impact: An attacker in physical proximity can cause a limited out of bounds write

Description: The issue was addressed with improved checks.

CVE-2023-35984: zer0k

bootp

Impact: An app may be able to read sensitive location information

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-41065: Adam M., and Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)

CFNetwork

Impact: An app may fail to enforce App Transport Security

Description: The issue was addressed with improved handling of protocols.

CVE-2023-38596: Will Brattain at Trail of Bits

CoreAnimation

Impact: Processing web content may lead to a denial-of-service

Description: The issue was addressed with improved memory handling.

CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic

Core Data

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed by removing the vulnerable code.

CVE-2023-40528: Kirin (@Pwnrin) of NorthSea

Entry added January 22, 2024

Dev Tools

Impact: An app may be able to gain elevated privileges

Description: This issue was addressed with improved checks.

CVE-2023-32396: Mickey Jin (@patch1t)

Face ID

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, and iPad Pro 11-inch 1st generation and later

Impact: A 3D model constructed to look like the enrolled user may authenticate via Face ID

Description: This issue was addressed by improving Face ID anti-spoofing models.

CVE-2023-41069: Zhice Yang (ShanghaiTech University)

Entry added December 22, 2023

FileProvider

Impact: An app may be able to bypass Privacy preferences

Description: A permissions issue was addressed with additional restrictions.

CVE-2023-41980: Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)

Game Center

Impact: An app may be able to access contacts

Description: The issue was addressed with improved handling of caches.

CVE-2023-40395: Csaba Fitzl (@theevilbit) of Offensive Security

GPU Drivers

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-40431: Certik Skyfall Team

GPU Drivers

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2023-40391: Antonio Zekic (@antoniozekic) of Dataflow Security

GPU Drivers

Impact: Processing web content may lead to a denial-of-service

Description: A resource exhaustion issue was addressed with improved input validation.

CVE-2023-40441: Ron Masas of Imperva

iCloud Photo Library

Impact: An app may be able to access a user's Photos Library

Description: A configuration issue was addressed with additional restrictions.

CVE-2023-40434: Mikko Kenttälä (@Turmio_ ) of SensorFu

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-41995: Certik Skyfall Team, pattern-f (@pattern_F_) of Ant Security Light-Year Lab

CVE-2023-42870: Zweig of Kunlun Lab

CVE-2023-41974: Félix Poulin-Bélanger

Entry updated December 22, 2023

Kernel

Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations

Description: The issue was addressed with improved memory handling.

CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.

Kernel

Impact: An app may be able to access sensitive user data

Description: A permissions issue was addressed with improved validation.

CVE-2023-40429: Michael (Biscuit) Thomas and 张师傅(@京东蓝军)

Kernel

Impact: A remote user may be able to cause kernel code execution

Description: A type confusion issue was addressed with improved checks.

CVE-2023-41060: Joseph Ravichandran (@0xjprx) of MIT CSAIL

Entry added December 22, 2023

libpcap

Impact: A remote user may cause an unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2023-40400: Sei K.

libxpc

Impact: An app may be able to delete files for which it does not have permission

Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

libxpc

Impact: An app may be able to access protected user data

Description: An authorization issue was addressed with improved state management.

CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

libxslt

Impact: Processing web content may disclose sensitive information

Description: The issue was addressed with improved memory handling.

CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security

Maps

Impact: An app may be able to read sensitive location information

Description: The issue was addressed with improved handling of caches.

CVE-2023-40427: Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)

MobileStorageMounter

Impact: A user may be able to elevate privileges

Description: An access issue was addressed with improved access restrictions.

CVE-2023-41068: Mickey Jin (@patch1t)

Music

Impact: An app may be able to modify protected parts of the file system

Description: The issue was addressed with improved checks.

CVE-2023-41986: Gergely Kalman (@gergely_kalman)

Passkeys

Impact: An attacker may be able to access passkeys without authentication

Description: The issue was addressed with additional permissions checks.

CVE-2023-40401: weize she and an anonymous researcher

Entry added December 22, 2023

Photos Storage

Impact: An app may be able to access edited photos saved to a temporary directory

Description: The issue was addressed with improved checks.

CVE-2023-40456: Kirin (@Pwnrin)

CVE-2023-40520: Kirin (@Pwnrin)

Photos Storage

Impact: An app with root privileges may be able to access private information

Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-42934: Wojciech Regula of SecuRing (wojciechregula.blog)

Entry added December 22, 2023

Pro Res

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41063: Certik Skyfall Team

QuartzCore

Impact: An app may be able to cause a denial-of-service

Description: The issue was addressed with improved memory handling.

CVE-2023-40422: Tomi Tokics (@tomitokics) of iTomsn0w

Entry added December 22, 2023

Safari

Impact: An app may be able to identify what other apps a user has installed

Description: The issue was addressed with improved checks.

CVE-2023-35990: Adriatik Raci of Sentry Cybersecurity

Safari

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: A window management issue was addressed with improved state management.

CVE-2023-40417: Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd

Entry updated December 22, 2023

Sandbox

Impact: An app may be able to overwrite arbitrary files

Description: The issue was addressed with improved bounds checks.

CVE-2023-40452: Yiğit Can YILMAZ (@yilmazcanyigit)

Share Sheet

Impact: An app may be able to access sensitive data logged when a user shares a link

Description: A logic issue was addressed with improved checks.

CVE-2023-41070: Kirin (@Pwnrin)

Simulator

Impact: An app may be able to gain elevated privileges

Description: The issue was addressed with improved checks.

CVE-2023-40419: Arsenii Kostromin (0x3c3e)

Siri

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with improved handling of caches.

CVE-2023-40428: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal

StorageKit

Impact: An app may be able to read arbitrary files

Description: This issue was addressed with improved validation of symlinks.

CVE-2023-41968: Mickey Jin (@patch1t) and James Hutchins

TCC

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved checks.

CVE-2023-40424: Arsenii Kostromin (0x3c3e), Joshua Jewett (@JoshJewett33), and Csaba Fitzl (@theevilbit) of Offensive Security

WebKit

Impact: Processing web content may lead to arbitrary code execution

Description: A use-after-free issue was addressed with improved memory management.

WebKit Bugzilla: 249451
CVE-2023-39434: Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) of PK Security

WebKit Bugzilla: 258992
CVE-2023-40414: Francisco Alonso (@revskills)

Entry updated December 22, 2023

WebKit

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 256551
CVE-2023-41074: 이준성(Junsung Lee) of Cross Republic and Jie Ding(@Lime) from HKUS3 Lab

Entry updated December 22, 2023

WebKit

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 239758
CVE-2023-35074: Dong Jun Kim (@smlijun) and Jong Seong Kim (@nevul37) of AbyssLab, and zhunki

Entry updated January 22, 2024

WebKit

Impact: A user's password may be read aloud by VoiceOver

Description: This issue was addressed with improved redaction of sensitive information.

WebKit Bugzilla: 248717
CVE-2023-32359: Claire Houston

Entry added December 22, 2023

WebKit

Impact: A remote attacker may be able to view leaked DNS queries with Private Relay turned on

Description: This issue was addressed by removing the vulnerable code.

WebKit Bugzilla: 257303
CVE-2023-40385: Anonymous

Entry added December 22, 2023

WebKit

Impact: Processing web content may lead to arbitrary code execution

Description: A correctness issue was addressed with improved checks.

WebKit Bugzilla: 258592
CVE-2023-42833: Dong Jun Kim (@smlijun) and Jong Seong Kim (@nevul37) of AbyssLab

Entry added December 22, 2023

Wi-Fi

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: A memory corruption issue was addressed by removing the vulnerable code.

CVE-2023-38610: Wang Yu of Cyberserval

Entry added December 22, 2023

Additional recognition

Accessibility

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.

Airport

We would like to acknowledge Adam M., and Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab) for their assistance.

Apple Neural Engine

We would like to acknowledge pattern-f (@pattern_F_) of Ant Security Light-Year Lab for their assistance.

Entry added December 22, 2023

AppSandbox

We would like to acknowledge Kirin (@Pwnrin) for their assistance.

Audio

We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

Bluetooth

We would like to acknowledge Jianjun Dai and Guang Gong of 360 Vulnerability Research Institute for their assistance.

Books

We would like to acknowledge Aapo Oksman of Nixu Cybersecurity for their assistance.

Control Center

We would like to acknowledge Chester van den Bogaard for their assistance.

CoreMedia Playback

We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

Data Detectors UI

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.

Draco

We would like to acknowledge David Coomber for their assistance.

Find My

We would like to acknowledge Cher Scarlett for their assistance.

Home

We would like to acknowledge Jake Derouin (jakederouin.com) for their assistance.

IOUserEthernet

We would like to acknowledge Certik Skyfall Team for their assistance.

Entry added December 22, 2023

Kernel

We would like to acknowledge Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group and 永超王 for their assistance.

Keyboard

We would like to acknowledge an anonymous researcher for their assistance.

libxml2

We would like to acknowledge OSS-Fuzz, and Ned Williamson of Google Project Zero for their assistance.

libxpc

We would like to acknowledge an anonymous researcher for their assistance.

libxslt

We would like to acknowledge Dohyun Lee (@l33d0hyun) of PK Security, OSS-Fuzz, and Ned Williamson of Google Project Zero for their assistance.

Menus

We would like to acknowledge Matthew Denton of Google Chrome Security for their assistance.

Entry added December 22, 2023

Notes

We would like to acknowledge Lucas-Raphael Müller for their assistance.

Notifications

We would like to acknowledge Jiaxu Li for their assistance.

NSURL

We would like to acknowledge Zhanpeng Zhao (行之) and 糖豆爸爸(@晴天组织) for their assistance.

Password Manager

We would like to acknowledge Hidetoshi Nakamura for their assistance.

Photos

We would like to acknowledge Anatolii Kozlov, Dawid Pałuska, Kirin (@Pwnrin), Lyndon Cornelius, and Paul Lurin for their assistance.

Power Services

We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

Quick Look

We would like to acknowledge 이준성(Junsung Lee) of Cross Republic for their assistance.

Entry added December 22, 2023

Safari

We would like to acknowledge Kang Ali of Punggawa Cyber Security, and andrew James gonzalez for their assistance.

Safari Private Browsing

We would like to acknowledge Khiem Tran, Narendra Bhati From Suma Soft Pvt. Ltd, and an anonymous researcher for their assistance.

Shortcuts

We would like to acknowledge Alfie CG, Christian Basting of Bundesamt für Sicherheit in der Informationstechnik, Cristian Dinca of "Tudor Vianu" National High School of Computer Science, Romania, Giorgos Christodoulidis, Jubaer Alnazi of TRS Group Of Companies, KRISHAN KANT DWIVEDI (@xenonx7), and Matthew Butler for their assistance.

Entry updated April 24, 2024

Siri

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.

Software Update

We would like to acknowledge Omar Siman for their assistance.

Spotlight

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal and Dawid Pałuska for their assistance.

Standby

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.

Status Bar

We would like to acknowledge N and an anonymous researcher for their assistance.

StorageKit

We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

Weather

We would like to acknowledge Wojciech Regula of SecuRing (wojciechregula.blog) for their assistance.

Entry added December 22, 2023

WebKit

We would like to acknowledge Khiem Tran, Narendra Bhati From Suma Soft Pvt. Ltd, and an anonymous researcher for their assistance.

WebRTC

We would like to acknowledge anonymous researcher for their assistance.

Wi-Fi

We would like to acknowledge Wang Yu of Cyberserval for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: April 24, 2024

About the security content of iOS 17 and iPadOS 17

About Apple security updates

iOS 17 and iPadOS 17

Additional recognition

Start a discussion in Apple Support Communities