Main Vulnerability Database Vulnerabilities #VU87755

#VU87755 Improper Authorization in macOS - CVE-2023-42931

Published: March 25, 2024 / Updated: April 9, 2024

Vulnerability identifier: #VU87755

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2023-42931

CWE-ID: CWE-285

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to improper authorization checks in DiskArbitration. An unprivileged local process can obtain administrative privileges on the system.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/HT214036

#VU87755 Improper Authorization in macOS - CVE-2023-42931

Description

Remediation

External links

Please verify you're human