CVE-2023-32363

MEDIUM

Apple Macos < 13.4 - Out-of-Bounds Read

Title source: rule
STIX 2.1

Description

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences.

References (1)

Core 1
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213758

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 0.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-125
Status published
Products (1)
apple/macos < 13.4
Published Jun 23, 2023
Tracked Since Feb 18, 2026