Multiple vulnerabilities in Apple macOS Ventura

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU78617

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32429

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper restriction checks in SystemMigration. A local application can bypass Privacy preferences.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU78610

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38258

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing 3D models in Model I/O. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU78611

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38421

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing 3D models in Model I/O. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU77252

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2953

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ber_memalloc_x() function. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU78612

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38259

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a logic error in PackageKit. A local application can gain unauthorized access to sensitive information.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Security features bypass

EUVDB-ID: #VU78613

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38564

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to an error in PackageKit. A local application can modify protected parts of the file system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security features bypass

EUVDB-ID: #VU78614

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38602

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to an error in PackageKit. A local application can modify protected parts of the file system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper access control

EUVDB-ID: #VU78615

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32442

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions in Shortcuts. A local application can modify sensitive Shortcuts app settings.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds read

EUVDB-ID: #VU78616

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32443

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in sips. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper access control

EUVDB-ID: #VU78618

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38608

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in Voice Memos. A local application can access user-sensitive data.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Untrusted search path

EUVDB-ID: #VU78599

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38565

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path in libxpc. A local application can execute arbitrary code with root privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Security features bypass

EUVDB-ID: #VU78586

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38572

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in WebKit when handling Same Origin Policy. A remote attacker can bypass Same Origin Policy restrictions.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU78587

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38594

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU78602

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38595

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Buffer overflow

EUVDB-ID: #VU78603

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38600

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Buffer overflow

EUVDB-ID: #VU78604

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38611

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU78061

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-37450

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted website, trick the victim into visiting it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note, the vulnerability is being actively exploited in the wild.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

18) Buffer overflow

EUVDB-ID: #VU78588

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38597

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit Process Model. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Information disclosure

EUVDB-ID: #VU78589

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38133

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in WebKit Process Model. A remote attacker can gain unauthorized access to sensitive information on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Input validation error

EUVDB-ID: #VU78600

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38593

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a logic issue in libxpc. A local application can perform a denial of service (DoS) attack.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Input validation error

EUVDB-ID: #VU78598

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38603

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in OS kernel. A remote attacker can send specially crafted input to the system and perform a denial of service (DoS) attack.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU78591

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38580

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Input validation error

EUVDB-ID: #VU78608

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32418

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in Grapher. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Security features bypass

EUVDB-ID: #VU78605

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36862

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a downgrade issue affecting Intel-based Mac computers in AppleMobileFileIntegrity. A local application can determine a user’s current location.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Security features bypass

EUVDB-ID: #VU78606

Risk: Low

CVSSv3.1: 7.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-32364

CWE-ID: CWE-254 - Security Features

Exploit availability: Yes

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a logic error in AppSandbox. A local application can bypass sandbox restrictions.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

26) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU78607

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-35983

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions in Assets. A local application can modify protected parts of the file system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU76233

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28319

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a use-after-free error when checking the SSH sha256 fingerprint. A remote attacker can use the application to connect to a malicious SSH server, trigger a use-after-free error and gain access to potentially sensitive information.

Successful exploitation of the vulnerability requires usage of the the CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 option, and also CURLOPT_VERBOSE or CURLOPT_ERRORBUFFER options have to be set.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper synchronization

EUVDB-ID: #VU76235

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28320

CWE-ID: CWE-662 - Improper Synchronization

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper synchronization when resolving host names using the alarm() and siglongjmp() function. A remote attacker can force the application to crash by influencing contents of the global buffer.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Improper certificate validation

EUVDB-ID: #VU76237

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28321

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper certificate validation when matching wildcards in TLS certificates for IDN names. A remote attacker crate a specially crafted certificate that will be considered trusted by the library.

Successful exploitation of the vulnerability requires that curl is built to use OpenSSL, Schannel or Gskit.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Expected behavior violation

EUVDB-ID: #VU76238

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28322

CWE-ID: CWE-440 - Expected Behavior Violation

Exploit availability: No

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a logic error when sending HTTP POST and PUT requests using the same handle. The libcurl can erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. As a result, the application can misbehave and either send off the wrong data or use memory after free or similar in the second transfer.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Information disclosure

EUVDB-ID: #VU78581

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32416

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the Find My feature. A local application can read sensitive location information.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Input validation error

EUVDB-ID: #VU78609

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36854

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in Grapher. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU78583

Risk: High

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-38606

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Note, the vulnerability is being actively exploited in the wild.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

34) Buffer overflow

EUVDB-ID: #VU78592

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32734

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application can escalate privileges on the system.

The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Buffer overflow

EUVDB-ID: #VU78582

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32441

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can  trigger memory corruption and execute arbitrary code with elevated privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Buffer overflow

EUVDB-ID: #VU78593

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38261

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application can escalate privileges on the system.

The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Buffer overflow

EUVDB-ID: #VU78594

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38424

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application can escalate privileges on the system.

The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU78595

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38425

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application can escalate privileges on the system.

The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU78596

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32381

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU78584

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32433

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the OS kernel. A local application can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU78585

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-35993

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the OS kernel. A local application can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Buffer overflow

EUVDB-ID: #VU78597

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38410

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) State Issues

EUVDB-ID: #VU78774

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32654

CWE-ID: CWE-371 - State Issues

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a state issue in Time Zone. A local user can read information belonging to another user.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU78765

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38598

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the OS kernel. A local application can trigger a use-after-free error and execute arbitrary code with kernel privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds write

EUVDB-ID: #VU78768

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38604

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Buffer overflow

EUVDB-ID: #VU78764

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38590

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the OS kernel. A remote attacker can send specially crafted data to the system, trigger memory corruption and crash the kernel.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Buffer overflow

EUVDB-ID: #VU78762

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34425

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local application to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Code Injection

EUVDB-ID: #VU78773

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38609

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper input validation in PackageKit. A local application can pass specially crafted data to the affected application and bypass certain Privacy preferences.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Integer overflow

EUVDB-ID: #VU78766

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36495

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to integer overflow within the OS kernel. A local application can trigger an integer overflow and execute arbitrary code with kernel privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) UNIX symbolic link following

EUVDB-ID: #VU78769

Risk: Low

CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-38571

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: Yes

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a symlink following issue within the Music component. A local application can create a specially crafted symbolic link to a critical file on the system and bypass Privacy preferences.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

51) Security features bypass

EUVDB-ID: #VU78771

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38601

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions within the Net-SNMP component. A local application can modify protected parts of the file system.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Security features bypass

EUVDB-ID: #VU78772

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32444

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a logic error in NSSpellChecker. A local application can bypass sandbox restrictions.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Out-of-bounds read

EUVDB-ID: #VU78767

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37285

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary condition within the OS kernel. A local application can trigger an out-of-bounds read error and execute arbitrary code with kernel privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Universal cross-site scripting

EUVDB-ID: #VU78776

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32445

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in WebKit. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of arbitrary website.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Use-after-free

EUVDB-ID: #VU77641

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34241

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in cupsdAcceptClient(). A remote attacker can cause a denial of service condition on the target system.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Buffer overflow

EUVDB-ID: #VU78777

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38592

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebKit when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Information disclosure

EUVDB-ID: #VU78775

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38599

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a logic issue in WebKit, related to user's privacy. A remote attacker can sensitive user information.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Information disclosure

EUVDB-ID: #VU80601

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38605

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Weather application. A local application can determine a user’s current location.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Race condition

EUVDB-ID: #VU80599

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38616

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in AMD subsystem. A local user can exploit the race and execute arbitrary code with kernel privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Information disclosure

EUVDB-ID: #VU80600

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40392

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the CFNetwork. A local application can read sensitive location information.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Integer overflow

EUVDB-ID: #VU69585

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3970

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the TIFFReadRGBATileExt() function in libtiff/tif_getimage.c. A remote attacker can trick the victim to open a specially crafted TIFF file, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Input validation error

EUVDB-ID: #VU74101

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28200

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to insufficient input validation within the OS kernel. A local application can disclose kernel memory.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Buffer overflow

EUVDB-ID: #VU75141

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-29491

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing malformed data in a terminfo database file. A local user can trigger memory corruption and execute arbitrary code on the target system.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Code Injection

EUVDB-ID: #VU80603

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40397

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary JavaScript code on the target system.

The vulnerability exists due to improper input validation. A remote attacker can trick the victim to visit a specially crafted webpage and execute arbitrary JavaScript code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.

Install update from vendor's website.

macOS: before 13.5 22G74

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU84747

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42828

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to crontabs does not properly impose security restrictions. A local application can execute arbitrary code with root privileges.

Install updates from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:*

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU82746

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40439

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to Accounts application stores sensitive information in log files. A malicious application can read the log files and gain access to sensitive location information.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU82747

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40437

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to "Find My"  features stores sensitive information into log files. A local application can read the log files and gain access to sensitive location information.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Cryptographic issues

EUVDB-ID: #VU80605

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-40440

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a state error within the Mail subsystem. The S/MIME encrypted email messages can be inadvertently sent unencrypted.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Heap-based buffer overflow

EUVDB-ID: #VU79570

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1916

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the extractImageSection() function in tools/tiffcrop.c. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) State Issues

EUVDB-ID: #VU84741

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42829

CWE-ID: CWE-371 - State Issues

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a state issue in OpenSSH implementation. A local application can access SSH passphrases.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU84742

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42831

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper security restrictions within the Security component. A local application can fingerprint the user.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Race condition

EUVDB-ID: #VU84743

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42832

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a race condition within the Software Update feature. A local application can exploit the race and execute arbitrary code with root privileges.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Out-of-bounds write

EUVDB-ID: #VU79709

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1801

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error  within the SMB protocol decoder. A remote attacker can send specially crafted over the network, trigger an out-of-bounds write and crash the application.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Use of Out-of-range Pointer Offset

EUVDB-ID: #VU76670

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2426

CWE-ID: CWE-823 - Use of Out-of-range Pointer Offset

Exploit availability: No

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to an out-of-range pointer offset within the mb_charlen() function in mbyte.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) NULL pointer dereference

EUVDB-ID: #VU76671

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2609

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the get_register() function in register.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Integer overflow

EUVDB-ID: #VU76672

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2610

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the regtilde() function in regexp.c. A remote attacker can trick the victim to open a specially crafted file, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Buffer overflow

EUVDB-ID: #VU84748

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-42866

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

macOS: 13.0 22A380 - 13.4.1 22F82

• cpe:2.3:o:apple:macos:13.4.1:22F82:*:*:*:*:*:

http://support.apple.com/en-us/HT213843

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.