Severity
Medium
Analysis Summary
CVE-2023-41073 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by an authorization issue in the libxpc component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access protected user data, and use this information to launch further attacks against the affected system.
CVE-2023-40429 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a permissions issue in the Kernel component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data, and use this information to launch further attacks against the affected system.
CVE-2023-40395 CVSS:3.3
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper handling of caches by the Game Center component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access contacts information, and use this information to launch further attacks against the affected system.
CVE-2023-41968 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper validation of symlinks by the StorageKit component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to read arbitrary files, and use this information to launch further attacks against the affected system.
CVE-2023-32421 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper handling of temporary files by the Messages component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to observe unprotected user data, and use this information to launch further attacks against the affected system.
CVE-2023-41986 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a flaw in the Music component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.
CVE-2023-40454 CVSS:7.1
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a permissions issue in the libxpc component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to delete arbitrary files on the system.
CVE-2023-41067 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a logic issue in the LaunchServices component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to bypass Gatekeeper checks.
CVE-2023-40391 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper memory handling by the GPU Drivers component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to obtain kernel memory information, and use this information to launch further attacks against the affected system.
CVE-2023-40436 CVSS:7.1
Apple macOS Ventura is vulnerable to a denial of service, caused by improper bounds checks by the IOAcceleratorFamily component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause unexpected system termination or read kernel memory.
CVE-2023-40434 CVSS:3.3
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a configuration issue in the iCloud Photo Library component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access a user’s Photos Library, and use this information to launch further attacks against the affected system.
CVE-2023-41981 CVSS:4.4
Apple macOS Ventura could allow a local authenticated attacker to bypass security restrictions, caused by improper memory handling by the Kernel component. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass kernel memory mitigations.
CVE-2023-40400 CVSS:9.8
Apple macOS Ventura could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the libpcap component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause unexpected app termination.
CVE-2023-41063 CVSS:7.8
Apple macOS Ventura could allow a remote attacker to execute arbitrary code on the system, caused by improper memory handling by the Pro Res component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2023-37448 CVSS:4.6
Apple macOS Ventura could allow a physical attacker to obtain sensitive information, caused by a lock screen issue in the Power Management component. By performing specially crafted operations, an attacker could exploit this vulnerability to view restricted content from the lock screen, and use this information to launch further attacks against the affected system.
CVE-2023-35990 CVSS:3.3
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a flaw in the Safari component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to identify what other apps a user has installed, and use this information to launch further attacks against the affected system.
CVE-2023-41078 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by an authorization issue in the Screen Sharing component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-40452 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a flaw in the Sandbox component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to overwrite arbitrary files.
CVE-2023-41070 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a logic issue in the Share Sheet component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access sensitive data logged when a user shares a link, and use this information to launch further attacks against the affected system.
CVE-2023-40403 CVSS:6.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper memory handling by the libxslt component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-41995 CVSS:7.8
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper memory handling by the libxslt component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-41984 CVSS:7.8
Apple macOS Ventura could allow a remote attacker to execute arbitrary code on the system, caused by improper memory handling by the Kernel component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2023-23495 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a permissions issue in the iCloud component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data, and use this information to launch further attacks against the affected system.
CVE-2023-38586 CVSS:5.5
Apple macOS Ventura could allow a local authenticated attacker to bypass security restrictions, caused by an access issue by the Image Capture component. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass sandbox restrictions.
CVE-2023-41066 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by an authentication issue in the Windows Server component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to obtain user credentials from secure text fields, and use this information to launch further attacks against the affected system.
CVE-2023-41079 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by improper permissions logic in the Shortcuts component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-40424 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a flaw in the TCC component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data, and use this information to launch further attacks against the affected system.
CVE-2023-40541 CVSS:5.5
Apple macOS Ventura could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Shortcuts component. By using a specially crafted shortcut, an attacker could exploit this vulnerability to obtain sensitive user data, and use this information to launch further attacks against the affected system.
CVE-2023-40422 CVSS:5.5
Apple macOS Ventura is vulnerable to a denial of service, caused by improper memory handling by the QuartzCore component. By persuading a victim to execute a specially crafted application, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-39233 CVSS:6.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by a flaw in the Safari component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-40386 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to obtain sensitive information, caused by improper handling of temporary files by the Notes component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to access Notes attachments, and use this information to launch further attacks against the affected system.
CVE-2023-40441 CVSS:6.5
Apple macOS Ventura is vulnerable to a denial of service, caused by a resource exhaustion issue in the GPU Drivers component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-40450 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a flaw in the System Preferences component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to bypass Gatekeeper checks.
CVE-2023-39434 CVSS:7.8
Apple macOS Ventura could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-41979 CVSS:5.5
Apple macOS Ventura could allow a remote attacker to bypass security restrictions, caused by a race condition in the XProtectFramework component. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.
CVE-2023-40407 CVSS:7.5
Apple macOS Ventura is vulnerable to a denial of service, caused by a flaw in the CUPS component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Information Disclosure
- Security Bypass
- Denial of Service
- Gain Access
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-41073
- CVE-2023-40429
- CVE-2023-40395
- CVE-2023-41968
- CVE-2023-32421
- CVE-2023-41986
- CVE-2023-40454
- CVE-2023-41067
- CVE-2023-40391
- CVE-2023-40436
- CVE-2023-40434
- CVE-2023-41981
- CVE-2023-40400
- CVE-2023-41063
- CVE-2023-37448
- CVE-2023-35990
- CVE-2023-41078
- CVE-2023-40452
- CVE-2023-41070
- CVE-2023-40403
- CVE-2023-41995
- CVE-2023-41984
- CVE-2023-23495
- CVE-2023-38586
- CVE-2023-41066
- CVE-2023-41079
- CVE-2023-40424
- CVE-2023-40541
- CVE-2023-40422
- CVE-2023-39233
- CVE-2023-40386
- CVE-2023-40441
- CVE-2023-40450
- CVE-2023-39434
- CVE-2023-41979
- CVE-2023-40407
Affected Vendors
Apple
Affected Products
- Apple macOS Ventura 13.5.0
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.