Race Condition Vulnerability in Apple macOS
CVE-2023-42832

7HIGH

Key Information:

Vendor: Apple
Status: macOS
Vendor: CVE Published:; 10 January 2024

Summary

A vulnerability has been identified in macOS that involves a race condition leading to improper state handling. This flaw could allow applications the ability to gain unauthorized root privileges, compromising system security. Versions affected include macOS Big Sur, Monterey, and Ventura, with respective updates addressing this issue being made available. Users and administrators are encouraged to apply the latest updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

macOS < 13.5

macOS < 11.7

macOS < 12.6

References

https://support.apple.com/en-us/HT213843

https://support.apple.com/en-us/HT213845

https://support.apple.com/en-us/HT213844

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Sep 14, 2023