Lucene search

K
vulnrichmentAppleVULNRICHMENT:CVE-2023-42838
HistoryFeb 21, 2024 - 6:41 a.m.

CVE-2023-42838

2024-02-2106:41:24
apple
github.com
3
access issue
sandbox improvements
macos ventura
macos sonoma
macos monterey
arbitrary code execution
elevated privileges

AI Score

7.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
      "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*",
      "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "macos",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "12.7.2",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "13.0",
        "lessThan": "13.6.3",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "14.0",
        "lessThan": "14.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

AI Score

7.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Related for VULNRICHMENT:CVE-2023-42838