If you use any Apple device—an iPhone, iPad, Mac, or Apple TV—you’ve probably heard you should always keep your system updated. Here’s a deep dive into CVE-2023-42823, a vulnerability you may not have realized was affecting you and millions of other Apple users. We'll break down in simple language what happened, including technical details, how it was patched, and why you should care.
What is CVE-2023-42823?
CVE-2023-42823 is a security flaw found in the logging functionality of Apple’s operating systems. For non-technical folks, logging is when programs keep a record (a log) of what they’re doing, mainly to help developers fix errors. But in this case, the way logging was handled could accidentally expose sensitive user data to malicious apps.
Here’s how Apple describes the problem:
> “An app may be able to access user-sensitive data. This issue was addressed by sanitizing logging.”
The Problem
Certain Apple OS logs were not being properly sanitized. This means confidential data like usernames, emails, authentication tokens, or even snippets of your chats might appear in logs that were supposed to be off-limits to unauthorized apps.
Let’s say there’s an app that logs responses from a secure network request:
```swift
// Vulnerable pseudo code - before the fix
let response = fetchAccountData()
Logger.log("User account data: \(response)")
```
If response contains sensitive information—say your Apple ID or session token—it should never appear in a general log. But due to CVE-2023-42823, poorly written or malicious apps could access logs of other apps and collect this data.
Apple’s Fix: Sanitizing the Logs
Apple fixed the problem by sanitizing logs. This means filtering out all sensitive data before anything gets recorded.
Here’s what the corrected behavior looks like:
```swift
// Fixed code - after the fix
let response = fetchAccountData()
Logger.log("User account data fetched successfully")
// Details of 'response' are not logged anymore
```
Now, logs only mention a general success message—without leaking your private details.
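The same idea applied in an app's own code, as an added example (not from the original page and not Apple's patch): it uses the privacy annotations of Apple's unified logging API (`os.Logger`, macOS 11 / iOS 14 or later) to keep secrets out of log output. The `AccountResponse` type, its field values, and the subsystem and category strings are constructed placeholders.

```swift
import Foundation
import os

// Hypothetical response type; field names and values are constructed.
struct AccountResponse: CustomStringConvertible {
    let appleID: String
    let sessionToken: String
    let plan: String

    // Redacted description: anything that interpolates the whole value
    // (print, string interpolation, a third-party logger) gets no secrets.
    var description: String {
        "AccountResponse(appleID: <redacted>, sessionToken: <redacted>, plan: \(plan))"
    }
}

// Placeholder subsystem and category names.
let logger = Logger(subsystem: "com.example.app", category: "account")

func logFetch(_ response: AccountResponse) {
    // Unsafe pattern, left commented out: marking a secret .public
    // writes it to the log store in clear text.
    // logger.log("token: \(response.sessionToken, privacy: .public)")

    // Non-sensitive field: explicitly public so it stays readable.
    logger.log("Account fetched, plan: \(response.plan, privacy: .public)")

    // Identifier needed for correlation: log a hash instead of the value.
    logger.log("Account ID: \(response.appleID, privacy: .private(mask: .hash))")

    // Session token: never interpolated into any message.
    logger.debug("Session established")
}

// Constructed sample data.
let sample = AccountResponse(appleID: "user@example.com",
                             sessionToken: "constructed-token-123",
                             plan: "free")
logFetch(sample)
print(sample)
```

Dynamic string arguments passed to `os.Logger` are treated as private by default, so the explicit annotations here mainly document intent and guard against someone later marking a secret as `.public`.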
macOS Ventura 13.6.1
If you’re using an older version, your device could still be exploitable.
Should You Worry?
This bug could have let certain dishonest apps steal private data stored or used by other apps. If you keep your device updated, you’re safe. If not, update as soon as you can.
Update your device to stay safe!
Staying updated really does keep you secure—here’s proof.
Timeline
Published on: 02/21/2024 07:15:47 UTC
Last modified on: 11/04/2024 17:35:04 UTC