Multiple vulnerabilities in macOS Ventura



| Updated: 2024-10-25
Risk Critical
Patch available YES
Number of vulnerabilities 63
CVE-ID CVE-2023-32409
CVE-2023-28204
CVE-2023-32373
CVE-2023-32382
CVE-2023-32388
CVE-2023-32372
CVE-2023-32400
CVE-2023-32411
CVE-2023-32371
CVE-2023-32386
CVE-2023-32399
CVE-2023-28191
CVE-2023-32360
CVE-2023-32387
CVE-2023-32414
CVE-2023-32392
CVE-2023-32384
CVE-2023-32375
CVE-2023-32410
CVE-2023-32420
CVE-2023-27930
CVE-2023-27940
CVE-2023-32398
CVE-2023-32413
CVE-2023-32352
CVE-2023-32369
CVE-2023-32405
CVE-2023-32407
CVE-2023-32368
CVE-2023-32380
CVE-2023-32403
CVE-2023-32355
CVE-2023-32385
CVE-2023-32395
CVE-2023-32390
CVE-2023-32357
CVE-2023-32363
CVE-2023-32367
CVE-2023-32397
CVE-2023-32391
CVE-2023-32404
CVE-2023-32394
CVE-2023-32422
CVE-2023-32376
CVE-2023-28202
CVE-2023-32412
CVE-2023-32408
CVE-2023-32415
CVE-2023-32402
CVE-2023-32423
CVE-2023-32389
CVE-2023-32432
CVE-2023-32379
CVE-2023-34352
CVE-2023-32428
CVE-2023-22809
CVE-2023-32417
CVE-2023-32437
CVE-2023-32383
CVE-2023-29469
CVE-2023-42869
CVE-2023-32401
CVE-2023-42958
CWE-ID CWE-119
CWE-125
CWE-416
CWE-254
CWE-264
CWE-269
CWE-312
CWE-200
CWE-287
CWE-843
CWE-362
CWE-787
CWE-285
CWE-357
CWE-532
CWE-371
CWE-20
CWE-284
CWE-94
CWE-399
CWE-476
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Vulnerability #2 is being exploited in the wild.
Vulnerability #3 is being exploited in the wild.
Public exploit code for vulnerability #28 is available.
Public exploit code for vulnerability #43 is available.
Public exploit code for vulnerability #56 is available.
Vulnerable software
Subscribe
macOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 63 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU76311

Risk: Critical

CVSSv3.1: 9.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-32409

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit. A remote attacker can trick the victim to visit a specially crafted web page, trigger memory corruption and break out of Web Content sandbox.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Out-of-bounds read

EUVDB-ID: #VU76310

Risk: High

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-28204

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in WebKit. A remote attacker can trick the victim to visit a specially crafted webpage, trigger an out-of-bounds read error and read contents of memory on the system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

3) Use-after-free

EUVDB-ID: #VU76312

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-32373

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in WebKit. A remote attacker can trick the victim to visit a specially crafted web page, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

4) Out-of-bounds read

EUVDB-ID: #VU76330

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32382

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing 3D models in Model I/O. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security features bypass

EUVDB-ID: #VU76301

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32388

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a privacy issue when writing data to log entries in Accessibility component. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU76316

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32372

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted EXR file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76302

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32400

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to otherwise restricted functionality.

The vulnerability exists due to improper checks in Accessibility application. Entitlements and privacy permissions granted to this application may be used by a malicious app.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper Privilege Management

EUVDB-ID: #VU76303

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32411

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges.

The vulnerability exists due to improper privilege management in AppleMobileFileIntegrity. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Security features bypass

EUVDB-ID: #VU76304

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32371

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists in Associated Domains. A local application can break out of its sandbox.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Cleartext storage of sensitive information

EUVDB-ID: #VU76305

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32386

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Contacts application stores potentially sensitive data in temporary files. A local application can observe unprotected user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Information disclosure

EUVDB-ID: #VU76306

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32399

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to incorrect handling of caches in Core Location. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Cleartext storage of sensitive information

EUVDB-ID: #VU76307

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28191

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to CoreServices stores potentially sensitive data in in insecure manner. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper Authentication

EUVDB-ID: #VU76308

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32360

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing authentication in CUPS. A remote attacker can access recently printed documents.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU76309

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32387

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in dcerpc daemon. A remote attacker can send a specially crafted request to the affected daemon, trigger a use-after-free error and execute arbitrary code on the system..

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper Privilege Management

EUVDB-ID: #VU76314

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32414

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges.

The vulnerability exists due to improper privilege management in DesktopServices. A local application can break out of its sandbox.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Cleartext storage of sensitive information

EUVDB-ID: #VU76315

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32392

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to GeoServices application stores potentially sensitive data in log files. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU76317

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32384

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageIO. A remote attacker can create a specially crafted EXR file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU76329

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32375

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing 3D models within the Hydra framework. A remote attacker can create a specially crafted USD file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU76318

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32410

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in IOSurface. A local application can trigger an out-of-bounds read error and read contents of kernel memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU76319

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32420

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information or crash the kernel.

The vulnerability exists due to a boundary condition in IOSurfaceAccelerator. A local application can trigger an out-of-bounds read error and read contents of kernel memory or crash the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Type Confusion

EUVDB-ID: #VU76320

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-27930

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error in OS kernel. A local user can trigger a type confusion error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76321

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-27940

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improperly imposed security restrictions within the OS kernel. A local application can observe system-wide network connections.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU76322

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the OS kernel. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Race condition

EUVDB-ID: #VU76323

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32413

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the /dev/fd filesystem. A local user can exploit the race and execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Security features bypass

EUVDB-ID: #VU76324

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32352

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a logic error in LaunchServices. A local application can bypass Gatekeeper checks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper Privilege Management

EUVDB-ID: #VU76325

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32369

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper privilege management in libxpc. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper Privilege Management

EUVDB-ID: #VU76326

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32405

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to improper privilege management in libxpc. A local application can execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper Privilege Management

EUVDB-ID: #VU76327

Risk: Low

CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-32407

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: Yes

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper privilege management in Metal. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

29) Out-of-bounds read

EUVDB-ID: #VU76328

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32368

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing 3D models in Model I/O. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Out-of-bounds write

EUVDB-ID: #VU76331

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32380

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing 3D models in Model I/O. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Cleartext storage of sensitive information

EUVDB-ID: #VU76332

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32403

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to NetworkExtension stores potentially sensitive data in files. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76333

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32355

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in PackageKit. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU76334

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32385

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in PDFKit. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76335

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32395

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in Perl. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Improper Privilege Management

EUVDB-ID: #VU76336

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32390

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper privilege management in Photos. A local application can view photos belonging to the Hidden Photos Album through Visual Lookup.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper Authorization

EUVDB-ID: #VU76337

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32357

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper authorization in Sandbox. A local application can retain access to system configuration files even after its permission is revoked.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76338

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32363

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in Screen Saver. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Information disclosure

EUVDB-ID: #VU76339

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32367

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to an error in Security component. A local application can access user-sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper Privilege Management

EUVDB-ID: #VU76340

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32397

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper privilege management in the Shell component. A local local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU76341

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32391

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists in the Shortcuts component. A remote attacker can trick the victim into clocking on a malicious shortcut and use sensitive data with certain actions without prompting the user.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76342

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32404

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in Shortcuts. A local application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Security features bypass

EUVDB-ID: #VU76343

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32394

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to unspecified vulnerability in Siri. An attacker with physical access to a device can view contact information from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU76344

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-32422

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: Yes

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to SQLite stores sensitive information into log files. A local application can access data from other apps by enabling additional SQLite logging.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

44) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU76345

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32376

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in StorageKit. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) State Issues

EUVDB-ID: #VU76346

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28202

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability may allow local application to bypass implemented security issues.

The vulnerability exists due to state management issue in System Settings. An app firewall setting may not take effect after exiting the Settings app.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Use-after-free

EUVDB-ID: #VU76347

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32412

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Telephony service. A remote attacker can trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Information disclosure

EUVDB-ID: #VU76348

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32408

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to improper handling of caches in TV App. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Information disclosure

EUVDB-ID: #VU76349

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32415

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Weather application. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Out-of-bounds read

EUVDB-ID: #VU76350

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32402

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in WebKit. A remote attacker can trick the victim to open a specially crafted website. trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Buffer overflow

EUVDB-ID: #VU76351

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32423

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Information disclosure

EUVDB-ID: #VU76352

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32389

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Wi-Fi component. A local application can disclose kernel memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Information disclosure

EUVDB-ID: #VU80597

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32432

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists in Share Sheet write sensitive information into temporary files. A local application can gain unauthorized access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Buffer overflow

EUVDB-ID: #VU80595

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32379

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in AMD support. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper Privilege Management

EUVDB-ID: #VU80594

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34352

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper privilege management. A local user can gain unauthorized access to email accounts of other users.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Input validation error

EUVDB-ID: #VU80596

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32428

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to insufficient validation of files within the MallocStackLogging component. A local application can execute arbitrary code with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Input validation error

EUVDB-ID: #VU71332

Risk: Low

CVSSv3.1: 7.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2023-22809

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists within the sudoedit (aka -e) feature due to insufficient validation of user-supplied input passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR). The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. A local user can append arbitrary entries to the list of files to process and escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 13.4 22F66

CPE2.3
External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

57) Improper access control

EUVDB-ID: #VU76355

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32417

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows an attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in Face Gallery. A attacker with physical access to a locked Apple Watch can view user photos or contacts via accessibility features.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 13.4 22F66

CPE2.3
External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Security features bypass

EUVDB-ID: #VU78601

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32437

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper handling of a file protocol in NSURLSession. A local application can break out of its sandbox.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 13.4 22F66

CPE2.3
External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Code Injection

EUVDB-ID: #VU84737

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32383

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to improper input validation in AppleMobileFileIntegrity. A local application can inject code into sensitive binaries bundled with Xcode.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Resource management error

EUVDB-ID: #VU74862

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-29469

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources when working with hashes of empty dict strings. A remote attacker can and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) NULL pointer dereference

EUVDB-ID: #VU74864

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42869

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in xmlSchemaCheckCOSSTDerivedOK. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Buffer overflow

EUVDB-ID: #VU84738

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32401

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Quick Look. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 13.0 22A380 - 13.3.1a 22E772610a

CPE2.3 External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU94648

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42958

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to MobileStorageMounter does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: before 13.4 22F66

CPE2.3
External links

http://support.apple.com/en-us/HT213758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###