CVE-2023-32383

This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
applemacos
𝑥
< 11.7.7
applemacos
12.0.0 ≤
𝑥
< 12.6.6
applemacos
13.0 ≤
𝑥
< 13.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213758
https://support.apple.com/en-us/HT213759
https://support.apple.com/en-us/HT213760
https://support.apple.com/en-us/HT213758
https://support.apple.com/en-us/HT213759
https://support.apple.com/en-us/HT213760