PT-2023-4205 · Apple · Grapher+4

Bool

Publicado

2023-07-24

Atualizado

2023-08-02

CVE-2023-36854

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS Big Sur versions 11.7.9 and earlier macOS Monterey versions 12.6.8 and earlier macOS Ventura versions 13.5 and earlier

Description The issue is related to insufficient input validation in the Grapher component of macOS operating systems, which may lead to unexpected app termination or arbitrary code execution when processing a file.

Recommendations For macOS Big Sur version 11.7.9 and earlier, update to version 11.7.9 or later. For macOS Monterey version 12.6.8 and earlier, update to version 12.6.8 or later. For macOS Ventura version 13.5 and earlier, update to version 13.5 or later.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2023-04520

CVE-2023-36854

Produtos afetados

Grapher

Apple Macos

Macos Big Sur

Macos Monterey

Macos Ventura

PT-2023-4205 · Apple · Grapher+4

CVE-2023-36854

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7