Denial-of-Service and Memory Disclosure in Apple's macOS
CVE-2023-42982

6.4MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 11 April 2025

What is CVE-2023-42982?

This vulnerability involves improper handling of file processing, which may lead to a denial-of-service condition. It poses a risk of potentially disclosing sensitive memory contents. Apple has addressed this issue in macOS 14 through enhanced validation checks to mitigate the risks associated with this vulnerability, ensuring a more secure environment for users.

Affected Version(s)

macOS < 14

References

https://support.apple.com/en-us/120950

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Sep 14, 2023

JSON