147 matches found
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control TCC...
CVE-2023-32383
This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode...
CVE-2023-32383
This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode...
Code injection
This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode...
CVE-2023-32383
This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode...
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...
Design/Logic Flaw
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...
CVE-2023-40435
CVE-2023-40435 affects Apple’s Xcode toolchain, specifically the iTMSTransporter workflow. The issue allowed an app to access App Store credentials; the root cause (per security advisories) was mitigated by enabling the hardened runtime, with the fix present in Xcode 15. The reported CVSS metrics...
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...
PT-2023-27452 · Apple · Xcode +1
Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 15 Description: The issue allows an app to potentially access App Store credentials. It was addressed by enabling hardened runtime. Recommendations: For versions prior to 15, update to Xcode 15 to resolve the issue. As...
PT-2023-8344 · Apple · Apple Macos +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.6.6 macOS versions prior to 11.7.7 macOS versions prior to 13.4 Description: The issue is related to incorrect code generation management in the AppleMobileFileIntegrity component of the macOS operating system...
CVE-2023-23499
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data...
CVE-2023-23499
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data...
CVE-2022-32896
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information...
Information disclosure
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information...
CVE-2023-23499
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data...
CVE-2023-23499
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data...
CVE-2022-32896
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information...