CVE-2023-40435

EUVD-2023-45006
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
applexcode
𝑥
< 15.0
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939
https://support.apple.com/kb/HT213939