CVE-2023-27944

HIGH

Apple Macos < 11.7.5 - Origin Validation Error

Title source: rule

Description

This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox.

References (3)

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213670

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213675

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT213677

Scores

CVSS v3 8.6

EPSS 0.0003

EPSS Percentile 9.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Classification

CWE

CWE-346

Status published

Affected Products (1)

apple/macos < 11.7.5

Timeline

Published May 08, 2023

Tracked Since Feb 18, 2026