Severity
Medium
Analysis Summary
CVE-2023-40435
Apple Xcode could allow a local attacker to obtain sensitive information, caused by an issue in the iTMSTransporter component. By using a specially crafted application, an attacker could exploit this vulnerability to access App Store credentials.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-40435
Affected Vendors
Apple
Affected Products
- Apple Xcode 14.2
Remediation
Refer to Apple security document HT213939 for patch, upgrade or suggested workaround information.