Vulnerability-Lookup

WID-SEC-W-2023-2453

Vulnerability from csaf_certbund - Published: 2023-09-26 22:00 - Updated: 2025-04-13 22:00

Summary

Apple macOS: Mehrere Schwachstellen

Severity

Kritisch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.

Angriff: Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Rechte zu erweitern oder Daten zu manipulieren.

Betroffene Betriebssysteme: - MacOS X

CVE-2023-23495

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-29497

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-32361

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-32377

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-32396

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-32421

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-35074

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-35984

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-35990

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-37448

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-38586

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-38596

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-3860

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-38607

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-38615

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-39233

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-39434

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40384

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40386

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40388

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40391

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40393

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40395

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40396

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40399

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40400

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40402

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40403

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40406

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40407

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40409

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40410

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40411

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40412

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40417

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40420

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40422

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40424

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40426

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40427

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40429

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40430

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40432

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40434

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40436

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40438

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40441

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40448

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40450

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40452

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40454

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40455

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-40541

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41063

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41065

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41066

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41067

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41070

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41071

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41073

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41074

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41076

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41078

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41079

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41232

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41968

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41979

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41980

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41981

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41984

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41986

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41987

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41991

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41992

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41993

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41994

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41995

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-41996

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42826

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42876

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42918

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42929

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42933

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42934

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42943

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42948

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42949

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42957

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42959

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42961

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42969

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42970

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42977

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42981

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42982

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

CVE-2023-42983

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Ventura <13.6 Apple / macOS		Ventura <13.6
Apple macOS Sonoma <14 Apple / macOS		Sonoma <14
Apple macOS Monterey <12.7 Apple / macOS		Monterey <12.7

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.apple.com/en-us/HT213931	external
https://support.apple.com/en-us/HT213932	external
https://support.apple.com/en-us/HT213940	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Rechte zu erweitern oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- MacOS X",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2453 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2453.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2453 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2453"
      },
      {
        "category": "external",
        "summary": "Apple Security Advisory vom 2023-09-26",
        "url": "https://support.apple.com/en-us/HT213931"
      },
      {
        "category": "external",
        "summary": "Apple Security Advisory vom 2023-09-26",
        "url": "https://support.apple.com/en-us/HT213932"
      },
      {
        "category": "external",
        "summary": "Apple Security Advisory vom 2023-09-26",
        "url": "https://support.apple.com/en-us/HT213940"
      }
    ],
    "source_lang": "en-US",
    "title": "Apple macOS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-04-13T22:00:00.000+00:00",
      "generator": {
        "date": "2025-04-14T08:21:12.074+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2023-2453",
      "initial_release_date": "2023-09-26T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-09-26T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-10-25T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE erg\u00e4nzt"
        },
        {
          "date": "2024-01-22T23:00:00.000+00:00",
          "number": "3",
          "summary": "CVE\u0027s erg\u00e4nzt"
        },
        {
          "date": "2025-04-13T22:00:00.000+00:00",
          "number": "4",
          "summary": "CVE-Nummern erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Ventura \u003c13.6",
                "product": {
                  "name": "Apple macOS Ventura \u003c13.6",
                  "product_id": "T030093"
                }
              },
              {
                "category": "product_version",
                "name": "Ventura 13.6",
                "product": {
                  "name": "Apple macOS Ventura 13.6",
                  "product_id": "T030093-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:ventura__13.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Monterey \u003c12.7",
                "product": {
                  "name": "Apple macOS Monterey \u003c12.7",
                  "product_id": "T030094"
                }
              },
              {
                "category": "product_version",
                "name": "Monterey 12.7",
                "product": {
                  "name": "Apple macOS Monterey 12.7",
                  "product_id": "T030094-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:monterey__12.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Sonoma \u003c14",
                "product": {
                  "name": "Apple macOS Sonoma \u003c14",
                  "product_id": "T030095"
                }
              },
              {
                "category": "product_version",
                "name": "Sonoma 14",
                "product": {
                  "name": "Apple macOS Sonoma 14",
                  "product_id": "T030095-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:sonoma__14"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "macOS"
          }
        ],
        "category": "vendor",
        "name": "Apple"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-23495",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-23495"
    },
    {
      "cve": "CVE-2023-29497",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-29497"
    },
    {
      "cve": "CVE-2023-32361",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-32361"
    },
    {
      "cve": "CVE-2023-32377",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-32377"
    },
    {
      "cve": "CVE-2023-32396",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-32396"
    },
    {
      "cve": "CVE-2023-32421",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-32421"
    },
    {
      "cve": "CVE-2023-35074",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-35074"
    },
    {
      "cve": "CVE-2023-35984",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-35984"
    },
    {
      "cve": "CVE-2023-35990",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-35990"
    },
    {
      "cve": "CVE-2023-37448",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-37448"
    },
    {
      "cve": "CVE-2023-38586",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-38586"
    },
    {
      "cve": "CVE-2023-38596",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-38596"
    },
    {
      "cve": "CVE-2023-3860",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-3860"
    },
    {
      "cve": "CVE-2023-38607",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-38607"
    },
    {
      "cve": "CVE-2023-38615",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-38615"
    },
    {
      "cve": "CVE-2023-39233",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-39233"
    },
    {
      "cve": "CVE-2023-39434",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-39434"
    },
    {
      "cve": "CVE-2023-40384",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40384"
    },
    {
      "cve": "CVE-2023-40386",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40386"
    },
    {
      "cve": "CVE-2023-40388",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40388"
    },
    {
      "cve": "CVE-2023-40391",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40391"
    },
    {
      "cve": "CVE-2023-40393",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40393"
    },
    {
      "cve": "CVE-2023-40395",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40395"
    },
    {
      "cve": "CVE-2023-40396",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40396"
    },
    {
      "cve": "CVE-2023-40399",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40399"
    },
    {
      "cve": "CVE-2023-40400",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40400"
    },
    {
      "cve": "CVE-2023-40402",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40402"
    },
    {
      "cve": "CVE-2023-40403",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40403"
    },
    {
      "cve": "CVE-2023-40406",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40406"
    },
    {
      "cve": "CVE-2023-40407",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40407"
    },
    {
      "cve": "CVE-2023-40409",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40409"
    },
    {
      "cve": "CVE-2023-40410",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40410"
    },
    {
      "cve": "CVE-2023-40411",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40411"
    },
    {
      "cve": "CVE-2023-40412",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40412"
    },
    {
      "cve": "CVE-2023-40417",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40417"
    },
    {
      "cve": "CVE-2023-40420",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40420"
    },
    {
      "cve": "CVE-2023-40422",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40422"
    },
    {
      "cve": "CVE-2023-40424",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40424"
    },
    {
      "cve": "CVE-2023-40426",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40426"
    },
    {
      "cve": "CVE-2023-40427",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40427"
    },
    {
      "cve": "CVE-2023-40429",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40429"
    },
    {
      "cve": "CVE-2023-40430",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40430"
    },
    {
      "cve": "CVE-2023-40432",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40432"
    },
    {
      "cve": "CVE-2023-40434",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40434"
    },
    {
      "cve": "CVE-2023-40436",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40436"
    },
    {
      "cve": "CVE-2023-40438",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40438"
    },
    {
      "cve": "CVE-2023-40441",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40441"
    },
    {
      "cve": "CVE-2023-40448",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40448"
    },
    {
      "cve": "CVE-2023-40450",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40450"
    },
    {
      "cve": "CVE-2023-40452",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40452"
    },
    {
      "cve": "CVE-2023-40454",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40454"
    },
    {
      "cve": "CVE-2023-40455",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40455"
    },
    {
      "cve": "CVE-2023-40541",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-40541"
    },
    {
      "cve": "CVE-2023-41063",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41063"
    },
    {
      "cve": "CVE-2023-41065",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41065"
    },
    {
      "cve": "CVE-2023-41066",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41066"
    },
    {
      "cve": "CVE-2023-41067",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41067"
    },
    {
      "cve": "CVE-2023-41070",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41070"
    },
    {
      "cve": "CVE-2023-41071",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41071"
    },
    {
      "cve": "CVE-2023-41073",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41073"
    },
    {
      "cve": "CVE-2023-41074",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41074"
    },
    {
      "cve": "CVE-2023-41076",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41076"
    },
    {
      "cve": "CVE-2023-41078",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41078"
    },
    {
      "cve": "CVE-2023-41079",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41079"
    },
    {
      "cve": "CVE-2023-41232",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41232"
    },
    {
      "cve": "CVE-2023-41968",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41968"
    },
    {
      "cve": "CVE-2023-41979",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41979"
    },
    {
      "cve": "CVE-2023-41980",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41980"
    },
    {
      "cve": "CVE-2023-41981",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41981"
    },
    {
      "cve": "CVE-2023-41984",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41984"
    },
    {
      "cve": "CVE-2023-41986",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41986"
    },
    {
      "cve": "CVE-2023-41987",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41987"
    },
    {
      "cve": "CVE-2023-41991",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41991"
    },
    {
      "cve": "CVE-2023-41992",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41992"
    },
    {
      "cve": "CVE-2023-41993",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41993"
    },
    {
      "cve": "CVE-2023-41994",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41994"
    },
    {
      "cve": "CVE-2023-41995",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41995"
    },
    {
      "cve": "CVE-2023-41996",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-41996"
    },
    {
      "cve": "CVE-2023-42826",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42826"
    },
    {
      "cve": "CVE-2023-42876",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42876"
    },
    {
      "cve": "CVE-2023-42918",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42918"
    },
    {
      "cve": "CVE-2023-42929",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42929"
    },
    {
      "cve": "CVE-2023-42933",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42933"
    },
    {
      "cve": "CVE-2023-42934",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42934"
    },
    {
      "cve": "CVE-2023-42943",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42943"
    },
    {
      "cve": "CVE-2023-42948",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42948"
    },
    {
      "cve": "CVE-2023-42949",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42949"
    },
    {
      "cve": "CVE-2023-42957",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42957"
    },
    {
      "cve": "CVE-2023-42959",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42959"
    },
    {
      "cve": "CVE-2023-42961",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42961"
    },
    {
      "cve": "CVE-2023-42969",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42969"
    },
    {
      "cve": "CVE-2023-42970",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42970"
    },
    {
      "cve": "CVE-2023-42977",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42977"
    },
    {
      "cve": "CVE-2023-42981",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42981"
    },
    {
      "cve": "CVE-2023-42982",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42982"
    },
    {
      "cve": "CVE-2023-42983",
      "product_status": {
        "known_affected": [
          "T030093",
          "T030095",
          "T030094"
        ]
      },
      "release_date": "2023-09-26T22:00:00.000+00:00",
      "title": "CVE-2023-42983"
    }
  ]
}

CVE-2023-23495 (GCVE-0-2023-23495)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:14

Summary

A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.

Severity

No CVSS data available.

CWE

An app may be able to access sensitive user data

Assigner

apple

References

2 references

URL	Tags
https://support.apple.com/en-us/HT213940
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: unspecified , < 14 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:40.705Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:28:49.628214Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:48:38.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access sensitive user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:11:39.861Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-23495",
    "datePublished": "2023-09-26T20:14:31.599Z",
    "dateReserved": "2023-01-12T20:55:51.744Z",
    "dateUpdated": "2025-11-04T19:14:40.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-29497 (GCVE-0-2023-29497)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:15

Summary

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access calendar data saved to a temporary directory.

Severity

No CVSS data available.

CWE

An app may be able to access calendar data saved to a temporary directory

Assigner

apple

References

2 references

URL	Tags
https://support.apple.com/en-us/HT213940
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: unspecified , < 14 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:15:56.946Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:25:29.728393Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:25:41.310Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access calendar data saved to a temporary directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access calendar data saved to a temporary directory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:12:51.817Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-29497",
    "datePublished": "2023-09-26T20:14:53.241Z",
    "dateReserved": "2023-07-20T15:04:15.889Z",
    "dateUpdated": "2025-11-04T19:15:56.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32361 (GCVE-0-2023-32361)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:15 – Updated: 2025-11-04 19:16

Summary

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data.

Severity

No CVSS data available.

CWE

An app may be able to access user-sensitive data

Assigner

apple

References

8 references

URL	Tags
https://support.apple.com/en-us/HT213938
https://support.apple.com/en-us/HT213936
https://support.apple.com/en-us/HT213940
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/10
http://seclists.org/fulldisclosure/2023/Oct/8
http://seclists.org/fulldisclosure/2023/Oct/9
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

4 products

Vendor	Product	Version
Apple	iOS and iPadOS	Affected: unspecified , < 17 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:10.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213936"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          },
          {
            "url": "https://support.apple.com/kb/HT213938"
          },
          {
            "url": "https://support.apple.com/kb/HT213937"
          },
          {
            "url": "https://support.apple.com/kb/HT213936"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32361",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T13:28:59.094627Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T13:29:07.978Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access user-sensitive data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:07:24.923Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213936"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-32361",
    "datePublished": "2023-09-26T20:15:01.727Z",
    "dateReserved": "2023-05-08T22:31:41.817Z",
    "dateUpdated": "2025-11-04T19:16:10.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32377 (GCVE-0-2023-32377)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:15 – Updated: 2025-11-04 19:16

Summary

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

An app may be able to execute arbitrary code with kernel privileges

Assigner

apple

References

2 references

URL	Tags
https://support.apple.com/en-us/HT213940
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: unspecified , < 14 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:11.448Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-32377",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:29.774475Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T14:59:41.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to execute arbitrary code with kernel privileges",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:12:44.052Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-32377",
    "datePublished": "2023-09-26T20:15:00.681Z",
    "dateReserved": "2023-05-08T22:31:41.819Z",
    "dateUpdated": "2025-11-04T19:16:11.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32396 (GCVE-0-2023-32396)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:16

Summary

This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

An app may be able to gain elevated privileges

Assigner

apple

References

10 references

URL	Tags
https://support.apple.com/en-us/HT213938
https://support.apple.com/en-us/HT213939
https://support.apple.com/en-us/HT213936
https://support.apple.com/en-us/HT213940
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/7
http://seclists.org/fulldisclosure/2023/Oct/10
http://seclists.org/fulldisclosure/2023/Oct/8
http://seclists.org/fulldisclosure/2023/Oct/9
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

5 products

Vendor	Product	Version
Apple	iOS and iPadOS	Affected: unspecified , < 17 (custom)
Apple	Xcode	Affected: unspecified , < 15 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:16.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213939"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213936"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          },
          {
            "url": "https://support.apple.com/kb/HT213939"
          },
          {
            "url": "https://support.apple.com/kb/HT213937"
          },
          {
            "url": "https://support.apple.com/kb/HT213936"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-32396",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:52.027620Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T15:17:18.380Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Xcode",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to gain elevated privileges",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:07:07.875Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213939"
        },
        {
          "url": "https://support.apple.com/en-us/HT213936"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/7"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-32396",
    "datePublished": "2023-09-26T20:14:32.595Z",
    "dateReserved": "2023-05-08T22:31:41.824Z",
    "dateUpdated": "2025-11-04T19:16:16.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32421 (GCVE-0-2023-32421)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:12 – Updated: 2025-11-04 19:16

Summary

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to observe unprotected user data.

Severity

No CVSS data available.

CWE

An app may be able to observe unprotected user data

Assigner

apple

References

2 references

URL	Tags
https://support.apple.com/en-us/HT213940
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: unspecified , < 14 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:18.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T13:55:38.360290Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T13:55:46.247Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to observe unprotected user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to observe unprotected user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:13:07.762Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-32421",
    "datePublished": "2023-09-26T20:12:02.556Z",
    "dateReserved": "2023-05-08T22:31:41.832Z",
    "dateUpdated": "2025-11-04T19:16:18.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-35074 (GCVE-0-2023-35074)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:12 – Updated: 2025-05-05 15:17

Summary

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Processing web content may lead to arbitrary code execution

Assigner

apple

References

13 references

URL	Tags
https://support.apple.com/en-us/HT213938
https://support.apple.com/en-us/HT213936
https://support.apple.com/en-us/HT213941
https://support.apple.com/en-us/HT213940
https://support.apple.com/en-us/HT213937
http://www.openwall.com/lists/oss-security/2023/09/28/3
http://seclists.org/fulldisclosure/2023/Oct/2
http://seclists.org/fulldisclosure/2023/Oct/10
http://seclists.org/fulldisclosure/2023/Oct/8
http://seclists.org/fulldisclosure/2023/Oct/9
http://seclists.org/fulldisclosure/2023/Oct/3
https://lists.fedoraproject.org/archives/list/pac…
https://security.gentoo.org/glsa/202401-33

Impacted products

5 products

Vendor	Product	Version
Apple	iOS and iPadOS	Affected: unspecified , < 17 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	Safari	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-29T13:17:25.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213936"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213941"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/28/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-33"
          },
          {
            "url": "https://webkitgtk.org/security/WSA-2023-0009.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-35074",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:54.551848Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T15:17:38.443Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Safari",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing web content may lead to arbitrary code execution",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-31T15:06:29.418Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213936"
        },
        {
          "url": "https://support.apple.com/en-us/HT213941"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/28/3"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/2"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/"
        },
        {
          "url": "https://security.gentoo.org/glsa/202401-33"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-35074",
    "datePublished": "2023-09-26T20:12:05.743Z",
    "dateReserved": "2023-07-20T15:03:50.114Z",
    "dateUpdated": "2025-05-05T15:17:38.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-35984 (GCVE-0-2023-35984)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:17

Summary

The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write.

Severity

No CVSS data available.

CWE

An attacker in physical proximity can cause a limited out of bounds write

Assigner

apple

References

8 references

URL	Tags
https://support.apple.com/en-us/HT213938
https://support.apple.com/en-us/HT213936
https://support.apple.com/en-us/HT213940
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/10
http://seclists.org/fulldisclosure/2023/Oct/8
http://seclists.org/fulldisclosure/2023/Oct/9
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

4 products

Vendor	Product	Version
Apple	iOS and iPadOS	Affected: unspecified , < 17 (custom)
Apple	tvOS	Affected: unspecified , < 17 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:17:04.992Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213936"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          },
          {
            "url": "https://support.apple.com/kb/HT213938"
          },
          {
            "url": "https://support.apple.com/kb/HT213937"
          },
          {
            "url": "https://support.apple.com/kb/HT213936"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-35984",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:35:18.525900Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:35:27.861Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An attacker in physical proximity can cause a limited out of bounds write",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:08:10.416Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213936"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/10"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-35984",
    "datePublished": "2023-09-26T20:14:40.561Z",
    "dateReserved": "2023-07-20T15:03:50.127Z",
    "dateUpdated": "2025-11-04T19:17:04.992Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-35990 (GCVE-0-2023-35990)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:17

Summary

The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed.

Severity

No CVSS data available.

CWE

An app may be able to identify what other apps a user has installed

Assigner

apple

References

8 references

URL	Tags
https://support.apple.com/en-us/HT213938
https://support.apple.com/en-us/HT213927
https://support.apple.com/en-us/HT213940
https://support.apple.com/en-us/HT213937
http://seclists.org/fulldisclosure/2023/Oct/8
http://seclists.org/fulldisclosure/2023/Oct/9
http://seclists.org/fulldisclosure/2023/Oct/3
http://seclists.org/fulldisclosure/2023/Oct/4

Impacted products

4 products

Vendor	Product	Version
Apple	iOS and iPadOS	Affected: unspecified , < 17 (custom)
Apple	iOS and iPadOS	Affected: unspecified , < 16.7 (custom)
Apple	macOS	Affected: unspecified , < 14 (custom)
Apple	watchOS	Affected: unspecified , < 10 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:17:10.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213927"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213937"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/4"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          },
          {
            "url": "https://support.apple.com/kb/HT213927"
          },
          {
            "url": "https://support.apple.com/kb/HT213938"
          },
          {
            "url": "https://support.apple.com/kb/HT213937"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-35990",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:28:05.384564Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-863",
                "description": "CWE-863 Incorrect Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T18:20:12.787Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to identify what other apps a user has installed",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:09:13.843Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213938"
        },
        {
          "url": "https://support.apple.com/en-us/HT213927"
        },
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "https://support.apple.com/en-us/HT213937"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-35990",
    "datePublished": "2023-09-26T20:14:46.575Z",
    "dateReserved": "2023-07-20T15:03:50.160Z",
    "dateUpdated": "2025-11-04T19:17:10.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-37448 (GCVE-0-2023-37448)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:14 – Updated: 2025-11-04 19:17

Summary

A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen.

Severity

No CVSS data available.

CWE

A user may be able to view restricted content from the lock screen

Assigner

apple

References

2 references

URL	Tags
https://support.apple.com/en-us/HT213940
http://seclists.org/fulldisclosure/2023/Oct/3

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: unspecified , < 14 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:17:15.880Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213940"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
          },
          {
            "url": "https://support.apple.com/kb/HT213940"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-37448",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:32:11.870929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:32:18.848Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "A user may be able to view restricted content from the lock screen",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T05:12:57.428Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213940"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-37448",
    "datePublished": "2023-09-26T20:14:41.567Z",
    "dateReserved": "2023-07-05T20:47:01.011Z",
    "dateUpdated": "2025-11-04T19:17:15.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2023-2453

CVE-2023-23495 (GCVE-0-2023-23495)

CVE-2023-29497 (GCVE-0-2023-29497)

CVE-2023-32361 (GCVE-0-2023-32361)

CVE-2023-32377 (GCVE-0-2023-32377)

CVE-2023-32396 (GCVE-0-2023-32396)

CVE-2023-32421 (GCVE-0-2023-32421)

CVE-2023-35074 (GCVE-0-2023-35074)

CVE-2023-35984 (GCVE-0-2023-35984)

CVE-2023-35990 (GCVE-0-2023-35990)

CVE-2023-37448 (GCVE-0-2023-37448)

Tags

Sightings

Nomenclature