PT-2023-6714 · Apple · Macos Ventura+1

Wenchao Li

Publicado

2023-02-13

Atualizado

2025-03-11

CVE-2023-23522

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS Ventura versions prior to 13.2.1

Description The issue is related to insecure temporary files in the Shortcuts component of macOS Ventura, which may allow an attacker to access confidential information. This privacy issue can be exploited by an app to observe unprotected user data due to improper handling of temporary files.

Recommendations For macOS Ventura versions prior to 13.2.1, update to version 13.2.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive data until the update is applied.

Correção

Insecure Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-922CWE-377

Identificadores relacionados

BDU:2023-07485

CVE-2023-23522

Produtos afetados

Apple Macos

Macos Ventura

PT-2023-6714 · Apple · Macos Ventura+1

CVE-2023-23522

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8