Logic Issue in Apple macOS Products - Apple Inc.
CVE-2023-38259

5.5MEDIUM

Key Information:

Vendor: Apple
Status: macOS
Vendor: CVE Published:; 27 July 2023

What is CVE-2023-38259?

A recently identified logic issue in Apple's macOS products has exposed potential risks involving unauthorized access to user-sensitive data. This flaw has been addressed in the latest updates for macOS Monterey, Ventura, and Big Sur. Users are advised to ensure their systems are running the updated versions to mitigate potential threats. This vulnerability highlights the importance of regular software updates in maintaining security integrity.

Affected Version(s)

macOS < 13.5

macOS < 11.7

macOS < 12.6

References

https://support.apple.com/en-us/HT213843

https://support.apple.com/en-us/HT213845

https://support.apple.com/en-us/HT213844

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 27, 2023
Vulnerability Reserved
Jul 20, 2023