Rewterz Threat Advisory – Multiple Apple macOS Sonoma and Monterey Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-42874 CVSS:5.5

Apple macOS Sonoma could allow a physical attacker to obtain sensitive information, caused by an issue in the Accessibility component. By using the Accessibility Keyboard alongside a physical keyboard, an attacker could exploit this vulnerability to display secure text fields.

CVE-2023-42882 CVSS:7.8

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by an issue in the AppleVA component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.

CVE-2023-42900 CVSS:5.5

Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by an issue in the CoreMedia Playback component. By using a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2023-42901, CVE-2023-42902, CVE-2023-42903, CVE-2023-42904

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.

CVE-2023-42905, CVE-2023-42906, CVE-2023-42907, CVE-2023-42908

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.

CVE-2023-42909, CVE-2023-42910, CVE-2023-42911, CVE-2023-42912

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.

CVE-2023-42926 CVSS:7.8

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.

CVE-2023-42886 CVSS:7.8

Apple macOS Monterey could allow a local attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the CoreServices component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2023-42891 CVSS:5.5

Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an issue in the IOKit component. By using a specially crafted application, an attacker could exploit this vulnerability to monitor keystrokes without user permission.

CVE-2023-42894 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an issue in the AppleEvents component. By using a specially crafted application, an attacker could exploit this vulnerability to access information about a user’s contacts.

CVE-2023-42922 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an issue in the Find My component. By using a specially crafted application, an attacker could exploit this vulnerability to read sensitive location information.

CVE-2023-42932 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a logic issue in the TCC component. By using a specially crafted application, an attacker could exploit this vulnerability to access protected user data.

Impact

  • Code Execution
  • Information Disclosure
  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2023-42874
  • CVE-2023-42882
  • CVE-2023-42900
  • CVE-2023-42901
  • CVE-2023-42902
  • CVE-2023-42903
  • CVE-2023-42904
  • CVE-2023-42905
  • CVE-2023-42906
  • CVE-2023-42907
  • CVE-2023-42908
  • CVE-2023-42909
  • CVE-2023-42910
  • CVE-2023-42911
  • CVE-2023-42912
  • CVE-2023-42926
  • CVE-2023-42886
  • CVE-2023-42891
  • CVE-2023-42894
  • CVE-2023-42922
  • CVE-2023-42932

Affected Vendors

Apple

Affected Products

  • Apple macOS Monterey 12.7.1
  • Apple macOS Sonoma 14.1

Remediation

Refer to the Apple security documents for patch, upgrade, or suggested workaround information:

  • Apple macOS Sonoma
  • Apple macOS Monterey