Rewterz Threat Alert – AsyncRAT – Active IOCs
January 24, 2023Rewterz Threat Advisory – Multiple Apple Safari WebKit Vulnerabilities
January 24, 2023Rewterz Threat Alert – AsyncRAT – Active IOCs
January 24, 2023Rewterz Threat Advisory – Multiple Apple Safari WebKit Vulnerabilities
January 24, 2023Severity
Medium
Analysis Summary
CVE-2023-23508 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by an issue in the Windows Installer component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-23501 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the Wi-Fi component. By using a specially-crafted application, an attacker could exploit this vulnerability to disclose kernel memory.
CVE-2023-23511 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by an issue in the Weather component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-23505 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Screen Time component. By using a specially-crafted application, an attacker could exploit this vulnerability to access information about a user’s contacts.
CVE-2023-23512 CVSS:6.5
Apple macOS Ventura is vulnerable to a denial of service, caused by an error in the Safari component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-23510 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by a permissions issue in the Safari component. By using a specially-crafted application, an attacker could exploit this vulnerability to access a user’s Safari history.
CVE-2023-23497 CVSS:7.8
Apple macOS Ventura could allow a local attacker to gain elevated privileges on the system, caused by a logic issue in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to gain root privileges.
CVE-2023-23503 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by a logic issue in the Maps component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-23498 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by a logic issue in the Mail Drafts component. By using a specially-crafted application, an attacker could exploit this vulnerability to select the quoted original message from the wrong email when forwarding an email from an Exchange account.
CVE-2023-23506 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the libxpc component. By using a specially-crafted application, an attacker could exploit this vulnerability to access user-sensitive data.
CVE-2023-23504 CVSS:7.8
Apple macOS Ventura could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2023-23502 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to determine kernel memory layout.
CVE-2023-23500 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to leak sensitive kernel state.
CVE-2023-23513 CVSS:7.8
Apple macOS Ventura is vulnerable to a buffer overflow, caused by improper bounds checking by the dcerpc component. By mounting a maliciously crafted Samba network share, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-23507 CVSS:7.8
Apple macOS Ventura could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the Intel Graphics Driver component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2023-23519 CVSS:5.5
Apple macOS Ventura is vulnerable to a denial of service, caused by a memory corruption issue in the ImageIO component. By using a specially-crafted application, a local attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-23493 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by a logic issue in the DiskArbitration component. By using a specially-crafted application, an attacker could exploit this vulnerability to allow an encrypted volume may be unmounted and remounted by a different user without prompting for the password.
CVE-2023-23499 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an issue in the AppleMobileFileIntegrity component. By using a specially-crafted application, an attacker could exploit this vulnerability to access user-sensitive data.
Impact
- Privilege Escalation
- Denial of Service
- Security Bypass
- Information Disclosure
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2023-23508
- CVE-2023-23501
- CVE-2023-23511
- CVE-2023-23505
- CVE-2023-23512
- CVE-2023-23510
- CVE-2023-23497
- CVE-2023-23503
- CVE-2023-23498
- CVE-2023-23506
- CVE-2023-23504
- CVE-2023-23502
- CVE-2023-23500
- CVE-2023-23513
- CVE-2023-23507
- CVE-2023-23519
- CVE-2023-23493
- CVE-2023-23499
Affected Vendors
Apple
Affected Products
- Apple macOS Ventura 13.1
Remediation
Refer to Apple security document for patch, upgrade or suggested workaround information.