CVE-2023-42872: An app may be able to access sensitive user data in Apple iOS and iPadOS

Medium
Type: Vulnerability | Tags: CVE-2023-42872, cve, cve-2023-42872
Published: Wed Jan 10 2024 (01/10/2024, 22:03:48 UTC)
Source: CVE Database V5
Vendor/Project: Apple
Product: iOS and iPadOS

Description

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data.

AI-Powered Analysis

Last updated: 07/04/2025, 10:41:22 UTC

Technical Analysis

CVE-2023-42872 is a medium-severity vulnerability affecting Apple iOS and iPadOS in versions prior to iOS 17 and iPadOS 17. The vulnerability allows a malicious application to access sensitive user data without proper authorization. The root cause is insufficient permission checks within the operating system, which an app could use to bypass the normal security controls and read sensitive information. The issue requires no privileges on the device (PR:N) but does require user interaction (UI:R), such as the user launching or interacting with the malicious app. The attack vector is local (AV:L), meaning the attacker must have the app installed on the device. The vulnerability impacts confidentiality (C:H) but does not affect integrity or availability. Apple addressed this vulnerability by implementing additional permission checks in macOS Sonoma 14, iOS 17, and iPadOS 17, thereby preventing unauthorized access to sensitive data by apps. No known exploits are currently reported in the wild; the affected versions are unspecified in the advisory but presumably include all versions prior to the patched releases. The CVSS 3.1 base score is 5.5, reflecting a medium severity level due to the combination of local attack vector, user interaction requirement, and high confidentiality impact.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to employees and users who utilize Apple iOS and iPadOS devices for work-related activities, especially those handling sensitive or regulated data such as personal information, intellectual property, or confidential communications. If exploited, a malicious app could access sensitive user data, potentially leading to data breaches, privacy violations, or leakage of proprietary information. This could have regulatory implications under GDPR and other data protection laws, resulting in legal and financial consequences. The impact is heightened in sectors with strict data confidentiality requirements, such as finance, healthcare, government, and critical infrastructure. However, since exploitation requires local access and user interaction, the threat is somewhat mitigated by organizational controls on app installation and user awareness. Nonetheless, the vulnerability underscores the importance of device security hygiene and timely patching in environments where iOS/iPadOS devices are used.

Mitigation Recommendations

European organizations should implement a multi-layered mitigation strategy:

1. Enforce strict mobile device management (MDM) policies to control app installation, restricting users from installing untrusted or unauthorized applications.
2. Ensure all iOS and iPadOS devices are promptly updated to iOS 17 or iPadOS 17, or later versions where the vulnerability is patched.
3. Educate users about the risks of installing apps from untrusted sources and the importance of minimizing interaction with suspicious apps.
4. Utilize Apple's enterprise security features such as app whitelisting and managed app stores to limit exposure.
5. Monitor device logs and network traffic for unusual behavior indicative of data exfiltration attempts.
6. For highly sensitive environments, consider additional endpoint protection solutions that can detect anomalous app behavior on iOS/iPadOS devices.
7. Regularly review and audit permissions granted to installed apps to ensure they align with organizational policies.

Technical Details

Data Version
5.1
Assigner Short Name
apple
Date Reserved
2023-09-14T19:05:11.453Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 683f0a31182aa0cae27f6eb5

Added to database: 6/3/2025, 2:44:01 PM

Last enriched: 7/4/2025, 10:41:22 AM

Last updated: 7/31/2025, 2:38:19 AM
