Rewterz Threat Advisory – Multiple Apple Products Vulnerabilities
December 12, 2023
Severity
High
Analysis Summary
CVE-2023-42874 CVSS:5.5
Apple macOS Sonoma could allow a physical attacker to obtain sensitive information, caused by an issue in the Accessibility component. By using an Accessibility Keyboard when using a physical keyboard, an attacker could exploit this vulnerability to display secure text fields.
CVE-2023-42882 CVSS:7.8
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by an issue in the AppleVA component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVE-2023-42900 CVSS:5.5
Apple macOS Sonoma could allow a local attacker to obtain sensitive information, caused by an issue in the CoreMedia Playback component. By using a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.
CVE-2023-42901, CVE-2023-42902, CVE-2023-42903, CVE-2023-42904
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVE-2023-42905, CVE-2023-42906, CVE-2023-42907, CVE-2023-42908
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVE-2023-42909, CVE-2023-42910, CVE-2023-42911, CVE-2023-42912
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVE-2023-42926 CVSS:7.8
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the AppleGraphicsControl component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVE-2023-42886 CVSS:7.8
Apple macOS Monterey could allow a local attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the CoreServices component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVE-2023-42891 CVSS:5.5
Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an issue in the IOKit component. By using a specially crafted application, an attacker could exploit this vulnerability to monitor keystrokes without user permission.
CVE-2023-42894 CVSS:5.5
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an issue in the AppleEvents component. By using a specially crafted application, an attacker could exploit this vulnerability to access information about a user’s contacts.
CVE-2023-42922 CVSS:5.5
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an issue in the Find My component. By using a specially crafted application, an attacker could exploit this vulnerability to read sensitive location information.
CVE-2023-42932 CVSS:5.5
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a logic issue in the TCC component. By using a specially crafted application, an attacker could exploit this vulnerability to access protected user data.
Impact
- Code Execution
- Information Disclosure
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-42874
- CVE-2023-42882
- CVE-2023-42900
- CVE-2023-42901
- CVE-2023-42902
- CVE-2023-42903
- CVE-2023-42904
- CVE-2023-42905
- CVE-2023-42906
- CVE-2023-42907
- CVE-2023-42908
- CVE-2023-42909
- CVE-2023-42910
- CVE-2023-42911
- CVE-2023-42912
- CVE-2023-42926
- CVE-2023-42886
- CVE-2023-42891
- CVE-2023-42894
- CVE-2023-42922
- CVE-2023-42932
Affected Vendors
Apple
Affected Products
- Apple macOS Monterey 12.7.1
- Apple macOS Sonoma 14.1
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.