PT-2023-8342 · Apple · Apple Macos

Erhad Husovic

Publicado

2023-07-24

Atualizado

2024-01-17

CVE-2023-42828

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 13.5

Description The issue is related to a lack of access control in the macOS operating system, specifically in the crontabs task scheduler. This could allow an attacker to gain root privileges. The estimated number of potentially affected devices is not specified.

Recommendations For macOS versions prior to 13.5, update to macOS Ventura 13.5 to resolve the issue. As a temporary workaround, consider restricting access to the crontabs task scheduler until the update is applied.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2024-00529

CVE-2023-42828

Produtos afetados

Apple Macos

PT-2023-8342 · Apple · Apple Macos

CVE-2023-42828

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5