Rewterz Threat Alert –North Korean APT Kimsuky Aka Black Banshee – Active IOCs
January 23, 2024Rewterz Threat Update –China-Linked UNC3886 Stealthily Weaponized Highly-Severe VMware Zero-Day Vulnerability for 2 Years
January 23, 2024Rewterz Threat Alert –North Korean APT Kimsuky Aka Black Banshee – Active IOCs
January 23, 2024Rewterz Threat Update –China-Linked UNC3886 Stealthily Weaponized Highly-Severe VMware Zero-Day Vulnerability for 2 Years
January 23, 2024Severity
Medium
Analysis Summary
CVE-2024-23214 CVSS:8.8
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-23203 CVSS:6.5
Apple macOS Sonoma could allow a remote attacker to obtain sensitive information, caused by an error in the Shortcuts component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to use sensitive data with certain actions without prompting the user.
CVE-2024-23209 CVSS:8.8
Apple macOS Sonoma could allow a remote attacker to execute arbitrary code on the system, caused by an error in the LLVM component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-42887 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an access error in the NSOpenPanel component. By using a specially crafted application, an attacker could exploit this vulnerability to read arbitrary files.
CVE-2023-42935 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an error in the LoginWindow component. By using a specially crafted application, an attacker could exploit this vulnerability to view the previous logged in user’s desktop from the fast user switching screen.
CVE-2024-23224 CVSS:5.5
Apple macOS Ventura could allow a local attacker to obtain sensitive information, caused by an error in the Finder component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.
CVE-2023-40528 CVSS:5.5
Apple macOS Ventura could allow a local attacker to bypass security restrictions, caused by an error in the Core Data component. By using a specially crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2023-42888 CVSS:5.5
Apple macOS Monterey could allow a remote attacker to obtain sensitive information, caused by an error in the ImageIO component. By persuading a victim to view a specially crafted image, an attacker could exploit this vulnerability to obtain process memory.
CVE-2023-42937 CVSS:5.5
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by a privacy issue in the Accessibility component. By using a specially crafted application, an attacker could exploit this vulnerability to access sensitive user data.
Impact
- Gain Access
- Security Bypass
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2024-23214
- CVE-2024-23203
- CVE-2024-23209
- CVE-2023-42887
- CVE-2023-42935
- CVE-2024-23224
- CVE-2023-40528
- CVE-2023-42888
- CVE-2023-42937
Affected Vendors
Apple
Affected Products
- Apple macOS Sonoma 14.2
- Apple macOS Ventura 13.6.3
- Apple macOS Monterey 12.7.2
Remediation
Refer to Apple security document for patch, upgrade or suggested workaround information.