Multiple vulnerabilities in Apple macOS Big Sur

1) Improper access control

EUVDB-ID: #VU71432

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-23499

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in AppleMobileFileIntegrity. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU66881

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-35252

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the way curl handles cookies with control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTP(S) server, it might make the server return a 400 response, effectively allowing a "sister site" to deny service to siblings.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Buffer overflow

EUVDB-ID: #VU71433

Risk: High

CVSSv3.1:

CVE-ID: CVE-2023-23513

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in dcerpc when mounting a malicious SMB share. A remote attacker can trick the victim to mount a malicious SMB share, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Improper Privilege Management

EUVDB-ID: #VU71434

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-23497

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges.

The vulnerability exists due to improper privilege management in PackageKit. A local application can execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Information disclosure

EUVDB-ID: #VU71435

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-23505

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a privacy issue in Screen Time. A local application can gain unauthorized access to user's contact information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Buffer overflow

EUVDB-ID: #VU71436

Risk: High

CVSSv3.1:

CVE-ID: CVE-2023-23518

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Buffer overflow

EUVDB-ID: #VU71437

Risk: High

CVSSv3.1:

CVE-ID: CVE-2023-23517

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Security features bypass

EUVDB-ID: #VU71438

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-23508

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass certain security restrictions.

The vulnerability exists due to an error within Windows Installer. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411 - 11.7.2 20G1020

CPE2.3

cpe:2.3:o:apple:macos:11.7.2:20G1020:*:*:*:*:*:*

External links

http://support.apple.com/en-us/HT213603

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Risk	High
Patch available	YES
Number of vulnerabilities	8
CVE-ID	CVE-2023-23499 CVE-2022-35252 CVE-2023-23513 CVE-2023-23497 CVE-2023-23505 CVE-2023-23518 CVE-2023-23517 CVE-2023-23508
CWE-ID	CWE-284 CWE-20 CWE-119 CWE-269 CWE-200 CWE-254
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	macOS Operating systems & Components / Operating system
Vendor	Apple Inc.