Lucene search

AppleAPPLE:138DC64ECE1F07104C6EF7D22CA29AAF

HistoryOct 24, 2022 - 12:00 a.m.

About the security content of macOS Ventura 13

2022-10-2400:00:00

support.apple.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON

About the security content of macOS Ventura 13

This document describes the security content of macOS Ventura 13.

About Apple security updates

For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

macOS Ventura 13

Released October 24, 2022

Accelerate Framework

Available for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42795: ryuzaki

APFS

Impact: An app may be able to access user-sensitive data

Description: An access issue was addressed with improved access restrictions.

CVE-2022-48577: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added December 21, 2023

Apple Neural Engine

Impact: An app may be able to leak sensitive kernel state

Description: The issue was addressed with improved memory handling.

CVE-2022-32858: Mohamed Ghannam (@_simo36)

Apple Neural Engine

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32898: Mohamed Ghannam (@_simo36)

CVE-2022-32899: Mohamed Ghannam (@_simo36)

CVE-2022-46721: Mohamed Ghannam (@_simo36)

CVE-2022-47915: Mohamed Ghannam (@_simo36)

CVE-2022-47965: Mohamed Ghannam (@_simo36)

CVE-2022-32889: Mohamed Ghannam (@_simo36)

Entry updated December 21, 2023

AppleAVD

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32907: Yinyi Wu, ABC Research s.r.o, Natalie Silvanovich of Google Project Zero, Tommaso Bianco (@cutesmilee__), Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)

Entry added March 16, 2023

AppleAVD

Impact: An app may be able to cause a denial-of-service

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher

AppleMobileFileIntegrity

Impact: An app may be able to access user-sensitive data

Description: A configuration issue was addressed with additional restrictions.

CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing

Entry added March 16, 2023

AppleMobileFileIntegrity

Impact: An app may be able to access user-sensitive data

Description: An issue in code signature validation was addressed with improved checks.

CVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.

AppleMobileFileIntegrity

Impact: An app may be able to modify protected parts of the file system

Description: This issue was addressed by removing additional entitlements.

CVE-2022-42825: Mickey Jin (@patch1t)

Assets

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved checks.

CVE-2022-46722: Mickey Jin (@patch1t)

Entry added August 1, 2023

ATS

Impact: An app may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2022-32902: Mickey Jin (@patch1t)

ATS

Impact: An app may be able to access user-sensitive data

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2022-32904: Mickey Jin (@patch1t)

ATS

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: A logic issue was addressed with improved checks.

CVE-2022-32890: Mickey Jin (@patch1t)

Audio

Impact: An app may be able to gain elevated privileges

Description: This issue was addressed by removing the vulnerable code.

CVE-2022-42796: Mickey Jin (@patch1t)

Entry updated March 16, 2023

Audio

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: The issue was addressed with improved memory handling.

CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative

Entry added October 27, 2022

AVEVideoEncoder

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved bounds checks.

CVE-2022-32940: ABC Research s.r.o.

Beta Access Utility

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved state management.

CVE-2022-42816: Mickey Jin (@patch1t)

Entry added December 21, 2023

BOM

Impact: An app may bypass Gatekeeper checks

Description: A logic issue was addressed with improved checks.

CVE-2022-42821: Jonathan Bar Or of Microsoft

Entry added December 13, 2022

Boot Camp

Impact: An app may be able to modify protected parts of the file system

Description: This issue was addressed with improved checks to prevent unauthorized actions.

CVE-2022-42860: Mickey Jin (@patch1t) of Trend Micro

Entry added March 16, 2023

Calendar

Impact: An app may be able to read sensitive location information

Description: An access issue was addressed with improved access restrictions.

CVE-2022-42819: an anonymous researcher

CFNetwork

Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution

Description: A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation.

CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu)

ColorSync

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.

CVE-2022-26730: David Hoyt of Hoyt LLC

Core Bluetooth

Impact: An app may be able to record audio with paired AirPods

Description: An access issue was addressed with additional sandbox restrictions on third-party apps.

CVE-2022-32945: Guilherme Rambo of Best Buddy Apps (rambo.codes)

Entry added November 9, 2022

CoreMedia

Impact: A camera extension may be able to continue receiving video after the app which activated was closed

Description: An issue with app access to camera data was addressed with improved logic.

CVE-2022-42838: Halle Winkler (@hallewinkler) of Politepix

Entry added December 22, 2022

CoreTypes

Impact: A malicious application may bypass Gatekeeper checks

Description: This issue was addressed with improved checks to prevent unauthorized actions.

CVE-2022-22663: Arsenii Kostromin (0x3c3e)

Entry added March 16, 2023

Crash Reporter

Impact: A user with physical access to an iOS device may be able to read past diagnostic logs

Description: This issue was addressed with improved data protection.

CVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike

curl

Impact: Multiple issues in curl

Description: Multiple issues were addressed by updating to curl version 7.84.0.

CVE-2022-32205

CVE-2022-32206

CVE-2022-32207

CVE-2022-32208

Directory Utility

Impact: An app may be able to access user-sensitive data

Description: A logic issue was addressed with improved checks.

CVE-2022-42814: Sergii Kryvoblotskyi of MacPaw Inc.

DriverKit

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)

DriverKit

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A type confusion issue was addressed with improved checks.

CVE-2022-32915: Tommy Muir (@Muirey03)

Exchange

Impact: A user in a privileged network position may be able to intercept mail credentials

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32928: Jiří Vinopal (@vinopaljiri) of Check Point Research

Entry updated March 16, 2023

FaceTime

Impact: A user may send audio and video in a FaceTime call without knowing that they have done so

Description: This issue was addressed with improved checks.

CVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of University of Florida

Entry added March 16, 2023

FaceTime

Impact: A user may be able to view restricted content from the lock screen

Description: A lock screen issue was addressed with improved state management.

CVE-2022-32935: Bistrit Dahal

Entry added October 27, 2022

Find My

Impact: A malicious application may be able to read sensitive location information

Description: A permissions issue existed. This issue was addressed with improved permission validation.

CVE-2022-42788: Csaba Fitzl (@theevilbit) of Offensive Security, Wojciech Reguła of SecuRing (wojciechregula.blog)

Find My

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved handling of caches.

CVE-2022-48504: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added December 21, 2023

Finder

Impact: Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges

Description: This issue was addressed with improved validation of symlinks.

CVE-2022-32905: Ron Masas (breakpoint.sh) of BreakPoint Technologies LTD

GPU Drivers

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-42833: Pan ZhenPeng (@Peterpan0927)

Entry added December 22, 2022

GPU Drivers

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32947: Asahi Lina (@LinaAsahi)

Grapher

Impact: Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2022-42809: Yutao Wang (@Jack) and Yu Zhou (@yuzhou6666)

Heimdal

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2022-3437: Evgeny Legerov of Intevydis

Entry added October 25, 2022

iCloud Photo Library

Impact: An app may be able to access user-sensitive data

Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2022-32849: Joshua Jones

Entry added November 9, 2022

Image Processing

Impact: A sandboxed app may be able to determine which app is currently using the camera

Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)

ImageIO

Impact: Processing an image may lead to a denial-of-service

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-32809: Mickey Jin (@patch1t)

Entry added August 1, 2023

ImageIO

Impact: Processing an image may lead to a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-1622

Intel Graphics Driver

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-32936: Antonio Zekic (@antoniozekic)

IOHIDFamily

Impact: An app may cause unexpected app termination or arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs

IOKit

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42806: Tingting Yin of Tsinghua University

Kernel

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)

CVE-2022-32911: Zweig of Kunlun Lab

CVE-2022-32924: Ian Beer of Google Project Zero

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32914: Zweig of Kunlun Lab

Kernel

Impact: A remote user may be able to cause kernel code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-42808: Zweig of Kunlun Lab

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added October 27, 2022

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)

Entry added October 27, 2022

Kernel

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved bounds checks.

CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added October 27, 2022

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A logic issue was addressed with improved checks.

CVE-2022-42801: Ian Beer of Google Project Zero

Entry added October 27, 2022

Kernel

Impact: An app may be able to cause unexpected system termination or potentially execute code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-46712: Tommy Muir (@Muirey03)

Entry added February 20, 2023

Mail

Impact: An app may be able to access user-sensitive data

Description: This issue was addressed with improved data protection.

CVE-2022-42815: Csaba Fitzl (@theevilbit) of Offensive Security

Mail

Impact: An app may be able to access mail folder attachments through a temporary directory used during compression

Description: An access issue was addressed with improved access restrictions.

CVE-2022-42834: Wojciech Reguła (@_r3ggi) of SecuRing

Entry added May 1, 2023

Maps

Impact: An app may be able to read sensitive location information

Description: This issue was addressed with improved restrictions around sensitive information.

CVE-2022-46707: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added August 1, 2023

Maps

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas of breakpointhq.com

MediaLibrary

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

Model I/O

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: The issue was addressed with improved memory handling.

CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab

Entry added October 27, 2022

ncurses

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2021-39537

ncurses

Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-29458

Notes

Impact: A user in a privileged network position may be able to track user activity

Description: This issue was addressed with improved data protection.

CVE-2022-42818: Gustav Hansen from WithSecure

Notifications

Impact: A user with physical access to a device may be able to access contacts from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-32879: Ubeydullah Sümer

PackageKit

Impact: An app may be able to modify protected parts of the file system

Description: A race condition was addressed with improved state handling.

CVE-2022-32895: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)

PackageKit

Impact: An app may be able to modify protected parts of the file system

Description: A race condition was addressed with additional validation.

CVE-2022-46713: Mickey Jin (@patch1t) of Trend Micro

Entry added February 20, 2023

Photos

Impact: A user may accidentally add a participant to a Shared Album by pressing the Delete key

Description: A logic issue was addressed with improved state management.

CVE-2022-42807: Ezekiel Elin

Entry added May 1, 2023, updated August 1, 2023

Photos

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved data protection.

CVE-2022-32918: Ashwani Rajput of Nagarro Software Pvt. Ltd, Srijan Shivam Mishra of The Hack Report, Jugal Goradia of Aastha Technologies, Evan Ricafort (evanricafort.com) of Invalid Web Security, Shesha Sai C (linkedin.com/in/shesha-sai-c-18585b125), and Amod Raghunath Patwardhan of Pune, India

Entry updated March 16, 2023

ppp

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-42829: an anonymous researcher

ppp

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-42830: an anonymous researcher

ppp

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42831: an anonymous researcher

CVE-2022-42832: an anonymous researcher

ppp

Impact: A buffer overflow may result in arbitrary code execution

Description: The issue was addressed with improved bounds checks.

CVE-2022-32941: an anonymous researcher

Entry added October 27, 2022

Ruby

Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution

Description: A memory corruption issue was addressed by updating Ruby to version 2.6.10.

CVE-2022-28739

Sandbox

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security

Sandbox

Impact: An app with root privileges may be able to access private information

Description: This issue was addressed with improved data protection.

CVE-2022-32862: Rohit Chatterjee of University of Illinois Urbana-Champaign

CVE-2022-32931: an anonymous researcher

Entry updated March 16, 2023, updated December 21, 2023

Sandbox

Impact: An app may be able to access user-sensitive data

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake

Security

Impact: An app may be able to bypass code signing checks

Description: An issue in code signature validation was addressed with improved checks.

CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)

Shortcuts

Impact: A shortcut may be able to view the hidden photos album without authentication

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32876: an anonymous researcher

Entry added August 1, 2023

Shortcuts

Impact: A shortcut may be able to check the existence of an arbitrary path on the file system

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania

Sidecar

Impact: A user may be able to view restricted content from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-42790: Om kothawade of Zaprico Digital

Siri

Impact: A user with physical access to a device may be able to use Siri to obtain some call history information

Description: A logic issue was addressed with improved state management.

CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)

SMB

Impact: A remote user may be able to cause kernel code execution

Description: The issue was addressed with improved memory handling.

CVE-2022-32934: Felix Poulin-Belanger

Software Update

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved state handling.

CVE-2022-42791: Mickey Jin (@patch1t) of Trend Micro

SQLite

Impact: A remote user may be able to cause a denial-of-service

Description: This issue was addressed with improved checks.

CVE-2021-36690

System Settings

Impact: An app may be able to modify protected parts of the file system

Description: This issue was addressed with improved data protection.

CVE-2022-48505: Adam Chester from TrustedSec and Thijs Alkemade (@xnyhps) of Computest Sector 7

Entry added June 26, 2023

TCC

Impact: An app may be able to cause a denial-of-service to Endpoint Security clients

Description: A logic issue was addressed with improved state management.

CVE-2022-26699: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added August 1, 2023

Vim

Impact: Multiple issues in Vim

Description: Multiple issues were addressed by updating Vim.

CVE-2022-0261

CVE-2022-0318

CVE-2022-0319

CVE-2022-0351

CVE-2022-0359

CVE-2022-0361

CVE-2022-0368

CVE-2022-0392

CVE-2022-0554

CVE-2022-0572

CVE-2022-0629

CVE-2022-0685

CVE-2022-0696

CVE-2022-0714

CVE-2022-0729

CVE-2022-0943

CVE-2022-1381

CVE-2022-1420

CVE-2022-1725

CVE-2022-1616

CVE-2022-1619

CVE-2022-1620

CVE-2022-1621

CVE-2022-1629

CVE-2022-1674

CVE-2022-1733

CVE-2022-1735

CVE-2022-1769

CVE-2022-1927

CVE-2022-1942

CVE-2022-1968

CVE-2022-1851

CVE-2022-1897

CVE-2022-1898

CVE-2022-1720

CVE-2022-2000

CVE-2022-2042

CVE-2022-2124

CVE-2022-2125

CVE-2022-2126

VPN

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-42828: an anonymous researcher

Entry added August 1, 2023

Weather

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved state management.

CVE-2022-32875: an anonymous researcher

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

WebKit Bugzilla: 246669
CVE-2022-42826: Francisco Alonso (@revskills)

Entry added December 22, 2022

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969
CVE-2022-32886: P1umer (@p1umer), afang (@afang5472), xmzyshypnc (@xmzyshypnc1)

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 242047
CVE-2022-32888: P1umer (@p1umer)

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

WebKit Bugzilla: 242762
CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative

WebKit

Impact: Visiting a malicious website may lead to user interface spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 243693
CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A type confusion issue was addressed with improved memory handling.

WebKit Bugzilla: 244622
CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs

WebKit

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 245058
CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University

WebKit

Impact: Processing maliciously crafted web content may disclose internal states of the app

Description: A correctness issue in the JIT was addressed with improved checks.

WebKit Bugzilla: 242964
CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab

Entry added October 27, 2022

WebKit PDF

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

WebKit Bugzilla: 242781
CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative

WebKit Sandboxing

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with improvements to the sandbox.

WebKit Bugzilla: 243181
CVE-2022-32892: @18楼梦想改造家 and @jq0904 of DBAppSecurity’s WeBin lab

WebKit Storage

Impact: An app may be able to bypass Privacy preferences

Description: The issue was addressed with improved handling of caches.

CVE-2022-32833: Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson

Entry added December 22, 2022

Wi-Fi

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-46709: Wang Yu of Cyberserval

Entry added March 16, 2023

zlib

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2022-37434: Evgeny Legerov

CVE-2022-42800: Evgeny Legerov

Entry added October 27, 2022

Additional recognition

AirPort

We would like to acknowledge Joseph Salazar Acuña and Renato Llamoca of Intrado-Life & Safety/Globant for their assistance.

apache

We would like to acknowledge Tricia Lee of Enterprise Service Center for their assistance.

Entry added March 16, 2023

AppleCredentialManager

We would like to acknowledge @jonathandata1 for their assistance.

ATS

We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

Entry added August 1, 2023

FaceTime

We would like to acknowledge an anonymous researcher for their assistance.

FileVault

We would like to acknowledge Timothy Perfitt of Twocanoes Software for their assistance.

Find My

We would like to acknowledge an anonymous researcher for their assistance.

Identity Services

We would like to acknowledge Joshua Jones for their assistance.

IOAcceleratorFamily

We would like to acknowledge Antonio Zekic (@antoniozekic) for their assistance.

IOGPUFamily

We would like to acknowledge Wang Yu of cyberserval for their assistance.

Entry added November 9, 2022

Kernel

We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, Tommy Muir (@Muirey03), and an anonymous researcher for their assistance.

Login Window

We would like to acknowledge Simon Tang (simontang.dev) for their assistance.

Entry added November 9, 2022

Mail

We would like to acknowledge Taavi Eomäe from Zone Media OÜ and an anonymous researcher for their assistance.

Entry updated December 21, 2023

Mail Drafts

We would like to acknowledge an anonymous researcher for their assistance.

Networking

We would like to acknowledge Tim Michaud (@TimGMichaud) of Zoom Video Communications for their assistance.

Photo Booth

We would like to acknowledge Prashanth Kannan of Dremio for their assistance.

Quick Look

We would like to acknowledge Hilary “It’s off by a Pixel” Street for their assistance.

Safari

We would like to acknowledge Scott Hatfield of Sub-Zero Group for their assistance.

Entry added March 16, 2023

Sandbox

We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.

SecurityAgent

We would like to acknowledge Security Team Netservice de Toekomst, an anonymous researcher for their assistance.

Entry added December 21, 2023

smbx

We would like to acknowledge HD Moore of runZero Asset Inventory for their assistance.

System

We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance.

System Settings

We would like to acknowledge Bjorn Hellenbrand for their assistance.

UIKit

We would like to acknowledge Aleczander Ewing for their assistance.

WebKit

We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., and an anonymous researcher for their assistance.

WebRTC

We would like to acknowledge an anonymous researcher for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: December 22, 2023

CPENameOperatorVersion
macos venturalt13

CPE	Name	Operator	Version
	macos ventura	lt	13

References

support.apple.com/en-us/HT201222

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for APPLE:138DC64ECE1F07104C6EF7D22CA29AAF