
Rewterz Threat Advisory – Multiple Apple macOS Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-42844 CVSS:6.5

Apple macOS Monterey could allow a remote attacker to obtain sensitive information, caused by an issue in the Foundation component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to access sensitive user data when resolving symlinks.

CVE-2023-40416 CVSS:6.5

Apple macOS Monterey could allow a remote attacker to obtain sensitive information, caused by an issue in the ImageIO component. By persuading a victim to view a specially crafted image, an attacker could exploit this vulnerability to obtain process memory.

CVE-2023-40449 CVSS:5.5

Apple macOS Monterey is vulnerable to a denial of service, caused by an issue in the CoreAnimation component. By using a specially crafted application, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-42854 CVSS:5.5

Apple macOS Monterey is vulnerable to a denial of service, caused by an issue in the FileProvider component. By using a specially crafted application, an attacker could exploit this vulnerability to cause a denial of service to Endpoint Security clients.

CVE-2023-40423 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by an issue in the IOTextEncryptionFamily component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.

CVE-2023-42856 CVSS:7.8

Apple macOS Monterey could allow a remote attacker to execute arbitrary code on the system, caused by an issue in the Model I/O component. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2023-40425 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Sandbox component. By using a specially crafted application, an attacker could exploit this vulnerability to access private information.

CVE-2023-40421 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a permissions issue in the talagent component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.

CVE-2023-41975 CVSS:6.5

Apple macOS Monterey could allow a remote attacker to bypass security restrictions, caused by an error in the WindowServer component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to access the microphone without the microphone use indicator being shown.

CVE-2023-42841 CVSS:7.8

Apple macOS Ventura could allow a local attacker to gain elevated privileges on the system, caused by an issue in the Pro Res component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.

CVE-2023-41077 CVSS:5.5

Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the Image Capture component. By using a specially crafted application, an attacker could exploit this vulnerability to access protected user data.

CVE-2023-40401 CVSS:5.5

Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by an issue in the Passkeys component. By using a specially crafted application, an attacker could exploit this vulnerability to access passkeys without authentication.

CVE-2023-40444 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by a permissions issue in the AppSandbox component. By executing a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-41072 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Contacts component. By executing a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-42857 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Contacts component. By executing a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-41989 CVSS:7.8

Apple macOS Sonoma could allow a local attacker to execute arbitrary code on the system, caused by an error in the Emoji component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code as root from the Lock Screen.

CVE-2023-42850 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by an issue in the LaunchServices component. By executing a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-42861 CVSS:5

Apple macOS Sonoma could allow a local authenticated attacker to bypass security restrictions, caused by a logic issue in the Login Window component. By using a specially crafted application, an attacker could exploit this vulnerability to unlock another standard user’s locked screen on the same Mac.

CVE-2023-40405 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Maps component. By executing a specially crafted application, an attacker could exploit this vulnerability to read sensitive location information.

CVE-2023-40404 CVSS:7.8

Apple macOS Sonoma could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the Networking component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.

CVE-2023-42847 CVSS:5

Apple macOS Sonoma could allow a local attacker to bypass security restrictions, caused by a logic issue in the Passkeys component. By using a specially crafted application, an attacker could exploit this vulnerability to access passkeys without authentication.

CVE-2023-42845 CVSS:5

Apple macOS Sonoma could allow a local attacker to bypass security restrictions, caused by an authentication issue in the Photos component. By using a specially crafted application, an attacker could exploit this vulnerability to view photos in the Hidden Photos Album.

CVE-2023-41977 CVSS:6.5

Apple macOS Sonoma could allow a remote attacker to obtain sensitive information, caused by an issue in the Safari component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to reveal browsing history.

CVE-2023-42438 CVSS:6.5

Apple macOS Sonoma could allow a remote attacker to conduct spoofing attacks, caused by an inconsistent user interface issue in the Safari component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to spoof the user interface.

CVE-2023-42842 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by an issue in the Terminal component. By executing a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-40427 CVSS:3.3

Apple macOS Sonoma could allow a remote attacker to obtain sensitive information, caused by improper handling of caches by the Maps component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to read sensitive location information, and use this information to launch further attacks against the affected system.

CVE-2023-40455 CVSS:5.5

Apple macOS Ventura could allow a local authenticated attacker to bypass security restrictions, caused by a permissions issue in the NetFSFramework component. By sending a specially crafted request, an attacker could exploit this vulnerability to circumvent sandbox restrictions.

CVE-2023-40388 CVSS:4.3

Apple macOS Sonoma could allow a remote attacker to bypass security restrictions, caused by a privacy issue in the Safari component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to save photos to an unprotected location.

CVE-2023-42826 CVSS:5.3

The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient validation of user-supplied input in Model I/O. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code on the system.

Impact

  • Denial of Service
  • Privilege Escalation
  • Code Execution
  • Security Bypass
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2023-42844
  • CVE-2023-40416
  • CVE-2023-40449
  • CVE-2023-42854
  • CVE-2023-40423
  • CVE-2023-42856
  • CVE-2023-40425
  • CVE-2023-40421
  • CVE-2023-41975
  • CVE-2023-42841
  • CVE-2023-41077
  • CVE-2023-40401
  • CVE-2023-40444
  • CVE-2023-41072
  • CVE-2023-42857
  • CVE-2023-41989
  • CVE-2023-42850
  • CVE-2023-42861
  • CVE-2023-40405
  • CVE-2023-40404
  • CVE-2023-42847
  • CVE-2023-42845
  • CVE-2023-41977
  • CVE-2023-42438
  • CVE-2023-42842
  • CVE-2023-40427
  • CVE-2023-40455
  • CVE-2023-40388
  • CVE-2023-42826

Affected Vendors

Apple

Affected Products

  • Apple macOS Monterey 12.7.0
  • Apple macOS Ventura 13.6.0
  • Apple macOS Sonoma 14.0
  • Apple macOS Sonoma
  • Apple macOS Ventura 13.5.0

Remediation

Refer to the Apple Security Advisory for patch, upgrade or suggested workaround information.

Apple Security Advisory

  • Apple macOS Monterey 12.7.1
  • Apple macOS Ventura 13.6.1
  • Apple macOS Sonoma 14.1
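
To turn the remediation list into a host or inventory check, the following added example (not part of the Rewterz advisory or Apple's own tooling) classifies a macOS version string against the three fixed releases named above. It assumes that any release in the same major line below the fixed release still needs the update; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory): function names are hypothetical.
# Fixed releases are the three named under Remediation on this page.

# Print the fixed release for a macOS major version; fail for other lines.
fixed_release_for() {
    case "$1" in
        12) echo "12.7.1" ;;   # Monterey
        13) echo "13.6.1" ;;   # Ventura
        14) echo "14.1"   ;;   # Sonoma
        *)  return 1 ;;
    esac
}

# Return 0 when version $1 is lower than version $2 (numeric, per field).
version_lt() {
    va=$1; vb=$2
    old_ifs=$IFS; IFS=.
    set -- $va; a1=${1:-0}; a2=${2:-0}; a3=${3:-0}
    set -- $vb; b1=${1:-0}; b2=${2:-0}; b3=${3:-0}
    IFS=$old_ifs
    for pair in "$a1:$b1" "$a2:$b2" "$a3:$b3"; do
        x=${pair%%:*}; y=${pair##*:}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1
}

# Classify one version string: patched, update-required:<fixed>,
# not-covered (major line not in this advisory) or invalid.
check_macos() {
    case "$1" in
        ''|*[!0-9.]*) echo "invalid"; return 0 ;;
    esac
    major=${1%%.*}
    fixed=$(fixed_release_for "$major") || { echo "not-covered"; return 0; }
    if version_lt "$1" "$fixed"; then
        echo "update-required:$fixed"
    else
        echo "patched"
    fi
}

# On a Mac, check the local host; elsewhere, pass inventory values to check_macos.
if command -v sw_vers >/dev/null 2>&1; then
    check_macos "$(sw_vers -productVersion)"
fi
```

Fields are compared numerically, so a value such as 12.10 is correctly treated as newer than 12.7.1.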