Request a Demo
Rewterz
Rewterz Threat Alert –North Korean APT Kimsuky Aka Black Banshee – Active IOCs
January 23, 2024
Rewterz
Rewterz Threat Update –China-Linked UNC3886 Stealthily Weaponized Highly-Severe VMware Zero-Day Vulnerability for 2 Years
January 23, 2024

Rewterz Threat Alert – Multiple Apple macOS Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-23214 CVSS:8.8

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-23203 CVSS:6.5

Apple macOS Sonoma could allow a remote attacker to obtain sensitive information, caused by an error in the Shortcuts component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to use sensitive data with certain actions without prompting the user.

CVE-2024-23209 CVSS:8.8

Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by an error in the LLVM component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-42887 CVSS:5.5

Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an access error in the NSOpenPanel component. By using a specially crafted application, an attacker could exploit this vulnerability to read arbitrary files.

CVE-2023-42935 CVSS:5.5

Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an error in the LoginWindow component. By using a specially crafted application, an attacker could exploit this vulnerability to view the previous logged in user’s desktop from the fast user switching screen.

CVE-2024-23224 CVSS:5.5

Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an error in the Finder component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.

CVE-2023-40528 CVSS:5.5

Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by an error in the Core Data component. By using a specially crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.

CVE-2023-42888 CVSS:5.5

Apple macOS Monterey could allow a remote attacker to obtain sensitive information, caused by an error in the ImageIO component. By persuading a victim to view a specially crafted image, an attacker could exploit this vulnerability to obtain process memory.

CVE-2023-42937 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Accessibility component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.

Impact

  • Gain Access
  • Security Bypass
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2024-23214
  • CVE-2024-23203
  • CVE-2024-23209
  • CVE-2023-42887
  • CVE-2023-42935
  • CVE-2024-23224
  • CVE-2023-40528
  • CVE-2023-42888
  • CVE-2023-42937

Affected Vendors

Apple

Affected Products

  • Apple macOS Sonoma 14.2
  • Apple macOS Ventura 13.6.3
  • Apple macOS Monterey 12.7.2

Remediation

Refer to Apple security document for patch, upgrade or suggested workaround information.

Apple macOS Sonoma

Apple macOS Ventura

Apple macOS Monterey