Severity
Medium
Analysis Summary
CVE-2023-27967 CVSS:7.8
Apple Xcode could allow a local attacker to execute arbitrary code on the system, caused by an issue in the Dev Tools component. By executing a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code or cause the application to crash.
CVE-2023-27945 CVSS:5.5
Apple Xcode could allow a local attacker to execute arbitrary code on the system, caused by an issue in the Dev Tools component. By executing a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code or cause the application to crash.
Impact
- Code Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-27967
- CVE-2023-27945
Affected Vendors
Apple
Affected Products
- Apple Xcode 14.2
Remediation
Refer to the Apple security document for patch, upgrade or suggested workaround information.