CVE-2023-42838

An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
8.2 HIGH
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
applemacos
12.0 ≤
𝑥
< 12.7.2
applemacos
13.0 ≤
𝑥
< 13.6.3
applemacos
14.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT214037
https://support.apple.com/en-us/HT214038
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT214037
https://support.apple.com/en-us/HT214038