March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2023-23529 – Apple Safari WebKit Vulnerability
February 14, 2023
Rewterz Threat Alert – APT-C-35 aka Donot APT Group – Active IOCs
February 14, 2023
Rewterz Threat Advisory – CVE-2023-23529 – Apple Safari WebKit Vulnerability
February 14, 2023
Rewterz Threat Alert – APT-C-35 aka Donot APT Group – Active IOCs
February 14, 2023
Severity
Medium
Analysis Summary
CVE-2023-23522 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Shortcuts component. By using a specially-crafted application, an attacker could exploit this vulnerability to observe unprotected user data.
CVE-2023-23514 CVSS:7.8
Apple macOS Ventura could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
Impact
- Information Theft
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-23522
- CVE-2023-23514
Affected Vendors
Apple
Affected Products
- Apple macOS Ventura 13.2
- Apple iPadOS 16.3
- Apple iOS 16.3
Remediation
Refer to Apple security Advisory for patch, upgrade or suggested workaround information.