Access Control Vulnerability in Apple macOS Ventura
CVE-2022-48577

5.5MEDIUM

Key Information:

Vendor: Apple
Status: macOS
Vendor: CVE Published:; 10 January 2024

Summary

An access control vulnerability in Apple’s macOS Ventura enables unauthorized applications to potentially gain access to user-sensitive data. This flaw arises from inadequate access restrictions, allowing apps to bypass security measures designed to protect personal information. The issue was resolved in the macOS Ventura 13 update, ensuring enhanced measures that fortify the operating system against unauthorized access attempts. Users are encouraged to update their systems to alleviate this risk and safeguard their data.

Affected Version(s)

macOS < 13

References

https://support.apple.com/en-us/HT213488

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Jul 26, 2023