Sandboxed Processes May Circumvent Restrictions
CVE-2023-40398

8.8HIGH

Key Information:

Vendor: Apple
Status: Mac OS; iOS And iPad OS
Vendor: CVE Published:; 29 July 2024

What is CVE-2023-40398?

A vulnerability has been identified in Apple products that could allow a sandboxed process to bypass security restrictions typically enforced by the sandbox architecture. This misconfiguration impacts the integrity of system protections designed to restrict applications from accessing unauthorized resources. Apple has released updates to address this issue in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4, and iPadOS 16.4 to enhance the verification checks for sandboxed applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

iOS and iPadOS < 16.4

macOS < 13.3

macOS < 12.6

References

https://support.apple.com/en-us/HT213670

https://support.apple.com/en-us/HT213676

https://support.apple.com/en-us/HT213677

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2024
Vulnerability Reserved
Aug 14, 2023

JSON

Apple

What is CVE-2023-40398?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.