Main Vulnerability Database Exploits ID:10252 - Exploit for Inclusion of Sensitive Information in Log Files in macOS - CVE-2023-32422

ID:10252 - Exploit for Inclusion of Sensitive Information in Log Files in macOS - CVE-2023-32422

Published: July 26, 2024

Vulnerability identifier: #VU76344

Vulnerability risk: Low

CVE-ID: CVE-2023-32422

CWE-ID: CWE-532

Exploitation vector: Local access

Vulnerable software:
macOS

Link to public exploit:

https://github.com/gergelykalman/CVE-2023-32422-a-macOS-TCC-bypass-in-sqlite

Vulnerability description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to SQLite stores sensitive information into log files. A local application can access data from other apps by enabling additional SQLite logging.

Remediation

Install updates from vendor's website.

ID:10252 - Exploit for Inclusion of Sensitive Information in Log Files in macOS - CVE-2023-32422

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human