Rewterz Threat Advisory – Multiple Apple macOS Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-23272 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a logic issue in the Storage Services component. By using a specially crafted application, an attacker could exploit this vulnerability to gain access to protected parts of the file system.

CVE-2024-23245 CVSS:5.5

Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an issue in the Shortcuts component. By using a specially crafted application, an attacker could exploit this vulnerability to use a legacy action from Automator to send events to apps without user consent.

CVE-2024-23230 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an error in the SharedFileList component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.

CVE-2024-23216 CVSS:5.5

Apple macOS Monterey could allow a local attacker to overwrite arbitrary files on the system, caused by a path handling issue in the PackageKit component. By using a specially crafted application, an attacker could exploit this vulnerability to overwrite arbitrary files.

CVE-2024-23267 CVSS:5.5

Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an issue in the PackageKit component. By using a specially crafted application, an attacker could exploit this vulnerability to bypass certain Privacy preferences.

CVE-2024-23275 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a race condition in the PackageKit component. By using a specially crafted application, an attacker could exploit this vulnerability to access protected user data.

CVE-2024-23268 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by an injection issue in the PackageKit component. By using a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2024-23274 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by an injection issue in the PackageKit component. By using a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2024-23283 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Notes component. By using a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2024-28826 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an error in the MediaRemote component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.

CVE-2024-23201 CVSS:5.5

Apple macOS Monterey is vulnerable to a denial of service, caused by a permissions issue in the libxpc component. By using a specially crafted application, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-23266 CVSS:5.5

Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an issue in the Kerberos v5 PAM module component. By using a specially crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.

CVE-2024-23234 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write issue in the Intel Graphics Driver component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.

CVE-2024-23244 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by a logic in the Dock component. By using a specially crafted application, an attacker could exploit this vulnerability to escalate privilege after admin user login.

CVE-2024-23247 CVSS:7.8

Apple macOS Monterey could allow a remote attacker to execute arbitrary code on the system, caused by an error in the ColorSync component. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-23269 CVSS:5.5

Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by a downgrade issue in the AppleMobileFileIntegrity component. By using a specially crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.

CVE-2024-23276 CVSS:7.8

Apple macOS Monterey could allow a local attacker to gain elevated privileges on the system, caused by a logic issue in the Admin Framework component. By using a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2024-23227 CVSS:5.5

Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an error in the Airport component. By using a specially crafted application, an attacker could exploit this vulnerability to read sensitive location information.

Impact

• Information Disclosure
• Security Bypass
• Gain Access
• Privilege Escalation
• Denial of Service

Indicators Of Compromise

CVE

• CVE-2024-23272
• CVE-2024-23245
• CVE-2024-23230
• CVE-2024-23216
• CVE-2024-23267
• CVE-2024-23275
• CVE-2024-23268
• CVE-2024-23274
• CVE-2024-23283
• CVE-2024-28826
• CVE-2024-23201
• CVE-2024-23266
• CVE-2024-23234
• CVE-2024-23244
• CVE-2024-23247
• CVE-2024-23269
• CVE-2024-23276
• CVE-2024-23227

Affected Vendors

Apple

Affected Products

• Apple macOS Monterey 12.7.3

Remediation

Refer to Apple security document for patch, upgrade or suggested workaround information. 

Apple security document