Multiple vulnerabilities in Apple macOS Monterey
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 27 |
| CVE-ID | CVE-2020-19186 CVE-2023-5344 CVE-2023-42932 CVE-2020-19190 CVE-2020-19189 CVE-2020-19188 CVE-2020-19187 CVE-2020-19185 CVE-2023-42919 CVE-2023-42914 CVE-2023-42891 CVE-2023-42899 CVE-2023-42922 CVE-2023-42886 CVE-2023-42894 CVE-2023-42836 CVE-2023-42838 CVE-2023-42834 CVE-2023-42896 CVE-2023-42931 CVE-2023-42892 CVE-2023-42974 CVE-2023-42893 CVE-2023-3618 CVE-2023-42936 CVE-2023-42930 CVE-2023-42947 |
| CWE-ID | CWE-787 CWE-122 CWE-284 CWE-532 CWE-119 CWE-287 CWE-200 CWE-125 CWE-264 CWE-254 CWE-377 CWE-285 CWE-416 CWE-362 CWE-120 CWE-22 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #20 is available. |
| Vulnerable software Subscribe |
macOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 27 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU84084
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19186
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the _nc_find_entry() function in tinfo/comp_hash.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Heap-based buffer overflow
EUVDB-ID: #VU81486
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5344
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the trunc_string() function in message.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU84078
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42932
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in TCC. A local application can bypass implemented security restrictions and access protected user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds write
EUVDB-ID: #VU84081
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19190
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the _nc_find_entry() function in tinfo/comp_hash.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU82358
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19189
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the postprocess_terminfo() function in tinfo/parse_entry. A local user can run a specially crafted command to trigger an out-of-bounds write and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU84082
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19188
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the fmt_entry() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds write
EUVDB-ID: #VU84083
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19187
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the fmt_entry() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds write
EUVDB-ID: #VU84085
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-19185
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the one_one_mapping() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU84052
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42919
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to the Accounts component stores sensitive information into log files. A local application can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU84077
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42914
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass sandbox restrictions.
The vulnerability exists due to a boundary error within the OS kernel. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper Authentication
EUVDB-ID: #VU84076
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42891
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to an error in IOKit. A local application can monitor keystrokes without user permission.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Buffer overflow
EUVDB-ID: #VU84075
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42899
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the ImageIO component. A remote attacker can create a specially crafted image file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU84073
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42922
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the Find My application. A local application can gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU84071
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42886
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in CoreServices. A local user can trigger an out-of-bounds read and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU84053
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42894
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to AppleEvents stores sensitive information into log files. A local application can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU86563
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42836
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to otherwise restricted functionality.
The vulnerability exists due to logic error in Sandbox. A local user can gain unauthorized access to connected network volumes mounted in the home directory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Security features bypass
EUVDB-ID: #VU86562
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42838
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to an unspecified error within the quarantine feature. A local application can execute arbitrary code out of its sandbox or with certain elevated privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Information disclosure
EUVDB-ID: #VU86561
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42834
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the Find My application when handling files. A local application can gain unauthorized access to sensitive user information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Insecure Temporary File
EUVDB-ID: #VU87754
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42896
CWE-ID:
CWE-377 - Insecure Temporary File
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper handling of temporary files in Assets. A local application can modify protected parts of the file system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper Authorization
EUVDB-ID: #VU87755
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42931
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: Yes
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper authorization checks in DiskArbitration. An unprivileged local process can obtain administrative privileges on the system.
Install update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Use-after-free
EUVDB-ID: #VU87756
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42892
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in FileURL. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Race condition
EUVDB-ID: #VU87757
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42974
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a race condition in IOUSBDeviceFamily. A local application can exploit the race and execute arbitrary code with kernel privileges.
Install update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper access control
EUVDB-ID: #VU87758
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42893
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Libsystem. A local application can access protected user data.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU79327
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3618
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to buffer overflow in the Fax3Encode() function in libtiff/tif_fax3.c. A remote unauthenticated attacker can trick the victim into opening a specially crafted file and perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Information disclosure
EUVDB-ID: #VU87759
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42936
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in Sandbox. A local application can gain unauthorized access to sensitive user information.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper access control
EUVDB-ID: #VU87761
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42930
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in Shell. A local application can modify protected parts of the file system.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Path traversal
EUVDB-ID: #VU87763
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-42947
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to input validation error when processing file paths in TCC. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsmacOS: 12.0 21A344 - 12.7.1 21G920
External linkshttp://support.apple.com/en-us/HT214037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
