Erhad Husovic

**Name of the Vulnerable Software and Affected Versions** CoreCode MacUpdater versions prior to 2.3.8 CoreCode MacUpdater versions 3.x prior to 3.1.2 **Description** An XPC misconfiguration issue allows attackers to escalate privileges by crafting malicious .pkg files. **Recommendations** For versions prior to 2.3.8, update to version 2.3.8 or later. For versions 3.x prior to 3.1.2, update to version 3.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.5 **Description** The issue is related to a lack of access control in the macOS operating system, specifically in the crontabs task scheduler. This could allow an attacker to gain root privileges. The estimated number of potentially affected devices is not specified. **Recommendations** For macOS versions prior to 13.5, update to macOS Ventura 13.5 to resolve the issue. As a temporary workaround, consider restricting access to the crontabs task scheduler until the update is applied.