Denial-of-Service and Memory Disclosure Vulnerability in Apple macOS Products
CVE-2023-42876

7.1HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 10 January 2024

What is CVE-2023-42876?

A vulnerability in Apple's macOS products allows for potential denial-of-service scenarios or unauthorized memory content disclosure. This issue arises from inadequate bounds checks when processing specific files. Users of macOS Sonoma 14 should ensure they have the latest updates to mitigate this risk, as the vulnerability has been addressed with improvements in the bounds checking mechanism.

Affected Version(s)

macOS < 14

References

https://support.apple.com/en-us/HT213940

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2024
Vulnerability Reserved
Sep 14, 2023

JSON