#VU76346 State Issues in macOS - CVE-2023-28202
Published: May 18, 2023
Vulnerability identifier: #VU76346
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-28202
CWE-ID: CWE-371
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
macOS
macOS
Software vendor:
Apple Inc.
Apple Inc.
Description
The vulnerability may allow local application to bypass implemented security issues.
The vulnerability exists due to state management issue in System Settings. An app firewall setting may not take effect after exiting the Settings app.
Remediation
Install updates from vendor's website.