Multiple vulnerabilities in Apple macOS Sonoma



Published: 2023-10-25 | Updated: 2024-03-13
Risk High
Patch available YES
Number of vulnerabilities 70
CVE-ID CVE-2023-4738
CVE-2023-41997
CVE-2023-41988
CVE-2023-40421
CVE-2023-4733
CVE-2023-4734
CVE-2023-4735
CVE-2023-4736
CVE-2023-4750
CVE-2023-4751
CVE-2023-4752
CVE-2023-4781
CVE-2023-41254
CVE-2023-40447
CVE-2023-41976
CVE-2023-42852
CVE-2023-41983
CVE-2023-41975
CVE-2023-41982
CVE-2023-41977
CVE-2023-30774
CVE-2023-40423
CVE-2023-41072
CVE-2023-42857
CVE-2023-40449
CVE-2023-42854
CVE-2023-40413
CVE-2023-42844
CVE-2023-40416
CVE-2023-38403
CVE-2023-42841
CVE-2023-42849
CVE-2023-40408
CVE-2023-42856
CVE-2023-42847
CVE-2023-42845
CVE-2023-40444
CVE-2023-41989
CVE-2023-42850
CVE-2023-42861
CVE-2023-40405
CVE-2023-40404
CVE-2023-42438
CVE-2023-42842
CVE-2023-40446
CVE-2023-42935
CVE-2023-42945
CVE-2023-42835
CVE-2023-42952
CVE-2023-42823
CVE-2023-42834
CVE-2023-42953
CVE-2023-42848
CVE-2023-42942
CVE-2023-42859
CVE-2023-42877
CVE-2023-42840
CVE-2023-42853
CVE-2023-42860
CVE-2023-42889
CVE-2023-42873
CVE-2023-42838
CVE-2023-42836
CVE-2023-42839
CVE-2023-42878
CVE-2023-42946
CVE-2023-36191
CVE-2023-42843
CVE-2023-42858
CVE-2023-28826
CWE-ID CWE-119
CWE-200
CWE-284
CWE-416
CWE-190
CWE-125
CWE-426
CWE-122
CWE-532
CWE-20
CWE-357
CWE-61
CWE-371
CWE-287
CWE-264
CWE-254
CWE-451
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		macOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 70 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU80504

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4738

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary error within the vim_regsub_both() function in src/regexp.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU82412

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41997

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a attacker to gain access to potentially sensitive information.

The vulnerability exists due to certain Siri options are present on the locked screen. An attacker with physical access to device can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU82419

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41988

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a attacker to gain access to potentially sensitive information.

The vulnerability exists due to certain Siri options are present on the locked screen. An attacker with physical access to device can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU82403

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40421

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in talagent. A local application can gain access to sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU80502

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4733

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the do_ecmd() function in ex_cmds.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.


Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU81485

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4734

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the f_fullcommand() function in ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU80503

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4735

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the do_addsub() function in ops.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Untrusted search path

EUVDB-ID: #VU80227

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4736

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of an untrusted search path when searching for perl, zig, ruby filetype plugins as well as zip and gzip autoload plugins. A remote attacker can trick the victim into downloading specially crafted files and opening one of the downloaded files using the affected software.

Successful exploitation of the vulnerability may lead to remote code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU80505

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4750

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the is_qf_win() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Heap-based buffer overflow

EUVDB-ID: #VU81488

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4751

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the utfc_ptr2len() function in mbyte.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU80506

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the ins_compl_get_exp() function in insexpand.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.


Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Heap-based buffer overflow

EUVDB-ID: #VU80474

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4781

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary error within the vim_regsub_both() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU82408

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41254

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Weather application stores sensitive information in log files. A local application can access sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU82394

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40447

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU82395

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41976

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU82396

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42852

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a logic issue when handling HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU82397

Risk: Medium

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41983

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing HTML content in WebKit Process Model. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU82404

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41975

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error in WindowServer component. A remote attacker can trick the victim to visit a specially crafted website and access the microphone without the microphone use indicator being shown.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Information disclosure

EUVDB-ID: #VU82413

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41982

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a attacker to gain access to potentially sensitive information.

The vulnerability exists due to certain Siri options are present on the locked screen. An attacker with physical access to device can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Information disclosure

EUVDB-ID: #VU82411

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41977

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by Safari. A remote attacker can trick the victim to visit a specially crafted website and gain access to user's browsing history.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Heap-based buffer overflow

EUVDB-ID: #VU75890

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-30774

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error related to TIFFTAG_INKNAMES and  TIFFTAG_NUMBEROFINKS value. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU82399

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40423

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in IOTextEncryptionFamily. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU82415

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41072

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Contacts application stores sensitive information into log files. A local application can sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU82416

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42857

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Contacts application stores sensitive information into log files. A local application can sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Buffer overflow

EUVDB-ID: #VU82390

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40449

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in CoreAnimation. A local application can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Input validation error

EUVDB-ID: #VU82391

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42854

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in FileProvider. A local application can cause a denial-of-service to Endpoint Security clients.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Information disclosure

EUVDB-ID: #VU82392

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40413

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to an error when handling cache in the Find My feature. A local application can read sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) UNIX symbolic link following

EUVDB-ID: #VU82393

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42844

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error when resolving symlinks in Foundation. A remote attacker can trick the victim to visit a specially crafted website and gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU82398

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40416

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted image file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Integer overflow

EUVDB-ID: #VU78695

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38403

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow. A remote attacker can pass specially crafted length field to the application, trigger an integer overflow and perform a denial of service (DoS0 attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Buffer overflow

EUVDB-ID: #VU82407

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42841

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in Pro Res. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Buffer overflow

EUVDB-ID: #VU82400

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42849

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local user can trigger memory corruption, bypass kernel memory mitigations and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) State Issues

EUVDB-ID: #VU82409

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40408

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an inconsistent user interface issue in My Drafts feature, which can unexpectedly deactivate the Hide My Email option. A remote attacker can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Buffer overflow

EUVDB-ID: #VU82401

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42856

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the Hydra framework when processing ABC image. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Improper Authentication

EUVDB-ID: #VU82417

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42847

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to bypass authentication process.

The vulnerability exists due to a logic issue in Passkeys. An attacker with physical access to the device can access passkeys without authentication.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper Authentication

EUVDB-ID: #VU82418

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42845

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to missing authentication in Photos application. An attacker with physical access to device can view photos in the Hidden Photos Album without authentication.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU82421

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40444

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improperly imposed security restrictions in AppSandbox. A local application can can access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Security features bypass

EUVDB-ID: #VU82422

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-41989

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to compromise the locked device.

The vulnerability exists due to overly permissive options in Emoji. An attacker with physical access to a locked device can execute arbitrary code as root.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper access control

EUVDB-ID: #VU82423

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42850

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in LaunchServices. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) State Issues

EUVDB-ID: #VU82424

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42861

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a local user to compromise the another user's account.

The vulnerability exists due to a logic issue in Login Window. A local user with valid credentials to their own account can unlock another standard user's locked screen on the same Mac.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Information disclosure

EUVDB-ID: #VU82425

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40405

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a privacy issue in Maps. A local application can access sensitive location information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Use-after-free

EUVDB-ID: #VU82426

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40404

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Networking. A local application can trigger a use-after-free error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Spoofing attack

EUVDB-ID: #VU82427

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42438

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in Safari. A remote attacker can trick the victim to visit a specially crafted website and spoof contents of the user interface.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Information disclosure

EUVDB-ID: #VU82428

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42842

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Terminal application. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Buffer overflow

EUVDB-ID: #VU82726

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40446

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in libc. A remote attacker can pass specially crafted input to user-installed applications on the system, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Information disclosure

EUVDB-ID: #VU85680

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42935

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to an error in the LoginWindow. A local user can view the previous logged in user’s desktop from the fast user switching screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86594

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42945

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improperly impose security restrictions on the Bluetooth component. A local application can can unauthorized access to Bluetooth.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Information disclosure

EUVDB-ID: #VU86595

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42835

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by RemoteViewServices. A remote attacker can gain unauthorized access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 14.0 23A344

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Information disclosure

EUVDB-ID: #VU86564

Risk: Low

CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42952

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in Automation feature. A local application with root privileges can gain unauthorized access to private information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU86565

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42823

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to the Core Recents component stores sensitive information into log files. A local application can read the log files and gain access to sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Information disclosure

EUVDB-ID: #VU86561

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42834

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Find My application when handling files. A local application can gain unauthorized access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86571

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42953

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Game Center does not properly impose security restrictions. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Heap-based buffer overflow

EUVDB-ID: #VU86566

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42848

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageIO. A remote attacker can trick the victim to open a specially crafted image file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) UNIX symbolic link following

EUVDB-ID: #VU86567

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42942

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a symlink following issue in libxpc. A local application can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

Successful exploitation of this vulnerability may result in privilege escalation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86587

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42859

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to modify protected parts of the file system.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86588

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42877

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to modify protected parts of the file system.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86589

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42840

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86591

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42853

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86592

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42860

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to modify protected parts of the file system.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can modify protected parts of the file system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86590

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42889

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to PackageKit does not properly impose security restrictions. A local application can bypass certain Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Buffer overflow

EUVDB-ID: #VU86568

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42873

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in Pro Res. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Security features bypass

EUVDB-ID: #VU86562

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42838

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to an unspecified error within the quarantine feature. A local application can execute arbitrary code out of its sandbox or with certain elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86563

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42836

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to otherwise restricted functionality.

The vulnerability exists due to logic error in Sandbox. A local user can gain unauthorized access to connected network volumes mounted in the home directory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Security features bypass

EUVDB-ID: #VU86582

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42839

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper state management in Sandbox. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU86584

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42878

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to Share Sheet stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Information disclosure

EUVDB-ID: #VU86585

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42946

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in Siri. A local application can gain unauthorized access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Buffer overflow

EUVDB-ID: #VU77781

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36191

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within shell.c. A local user can send a specially crafted request to the database to trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Spoofing attack

EUVDB-ID: #VU86569

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42843

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in WebKit. A remote attacker can spoof the browser address bar.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU86593

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42858

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to WindowServer does not properly impose security restrictions. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU87224

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28826

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to MediaRemote stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: before 14.1 23B74

External links

http://support.apple.com/en-us/HT213984


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###