CVE-2023-42913

HIGH

macOS Sonoma <14.2 - Info Disclosure

Title source: llm

Description

This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions.

References (2)

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/HT214036

[Vendor Advisory] https://support.apple.com/kb/HT214036

Scores

CVSS v3 8.8

EPSS 0.0037

EPSS Percentile 58.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-922

Status published

Products (1)

apple/macos < 14.2

Published Mar 28, 2024

Tracked Since Feb 18, 2026