Lucene search

K
cveAppleCVE-2023-32356
HistorySep 06, 2023 - 2:15 a.m.

CVE-2023-32356

2023-09-0602:15:08
CWE-120
apple
web.nvd.nist.gov
22
cve-2023-32356
buffer overflow
memory handling
macos ventura 13.3
nvd
security issue

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

26.5%

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.

Affected configurations

Nvd
Vulners
Node
applemacosRange13.013.3
VendorProductVersionCPE
applemacos*cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "13.3",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

26.5%

Related for CVE-2023-32356