Jewel Lambert

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14.1 **Description** The issue is related to errors in security settings of the Emoji component in the macOS operating system. An attacker may be able to execute arbitrary code as root from the Lock Screen. This is achieved by exploiting the vulnerability in the options offered on a locked device. **Recommendations** For versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue. As a temporary workaround, consider restricting options offered on a locked device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.4 Security Update versions prior to 2021-003 Catalina Security Update versions prior to 2021-004 Mojave **Description** A logic issue was addressed with improved state management, which could allow a person with physical access to a Mac to bypass the Login Window. **Recommendations** For macOS versions prior to 11.4, update to macOS Big Sur 11.4 or later. For Security Update versions prior to 2021-003 Catalina, apply Security Update 2021-003 Catalina or later. For Security Update versions prior to 2021-004 Mojave, apply Security Update 2021-004 Mojave or later.

**Name of the Vulnerable Software and Affected Versions** macOS Big Sur versions prior to 11.2 Security Update versions prior to 2021-001 on Catalina Security Update versions prior to 2021-001 on Mojave Security Update versions prior to 2020-001 on Catalina Security Update versions prior to 2020-007 on Mojave **Description** An authentication issue was addressed with improved state management, allowing an attacker in a privileged network position to potentially bypass authentication policy. **Recommendations** For macOS Big Sur versions prior to 11.2, update to macOS Big Sur 11.2 or later. For Security Update versions prior to 2021-001 on Catalina, apply Security Update 2021-001 or later. For Security Update versions prior to 2021-001 on Mojave, apply Security Update 2021-001 or later. For Security Update versions prior to 2020-001 on Catalina, apply Security Update 2020-001 or later. For Security Update versions prior to 2020-007 on Mojave, apply Security Update 2020-007 or later.