Prof. J

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14.3 **Description** The issue is related to a buffer overflow in the LLVM component of the macOS operating system, which can lead to arbitrary code execution when processing web content. This can be exploited by a remote attacker. **Recommendations** For versions prior to 14.3, update to macOS Sonoma 14.3 to fix the issue with improved memory handling.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 10.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 macOS Sonoma versions prior to 14.3 macOS Ventura versions prior to 13.6.4 macOS Monterey versions prior to 12.7.3 **Description** The issue is related to the Mail Search component and involves the disclosure of information through registration files. An app may be able to access sensitive user data. The estimated number of potentially affected devices is not specified. **Recommendations** For watchOS versions prior to 10.3, update to watchOS 10.3 to resolve the issue. For iOS versions prior to 17.3, update to iOS 17.3 to resolve the issue. For iPadOS versions prior to 17.3, update to iPadOS 17.3 to resolve the issue. For macOS Sonoma versions prior to 14.3, update to macOS Sonoma 14.3 to resolve the issue. For macOS Ventura versions prior to 13.6.4, update to macOS Ventura 13.6.4 to resolve the issue. For macOS Monterey versions prior to 12.7.3, update to macOS Monterey 12.7.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.3 watchOS versions prior to 10.3 tvOS versions prior to 17.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 **Description** A privacy issue was addressed with improved handling of files, which may allow an app to access sensitive user data. The issue is related to insufficient input validation in the NSSpellChecker interface of Mac OS, tvOS, watchOS, iOS, and iPadOS operating systems, potentially allowing an attacker to gain unauthorized access to protected information. **Recommendations** For macOS Sonoma versions prior to 14.3, update to version 14.3 or later. For watchOS versions prior to 10.3, update to version 10.3 or later. For tvOS versions prior to 17.3, update to version 17.3 or later. For iOS versions prior to 17.3, update to version 17.3 or later. For iPadOS versions prior to 17.3, update to version 17.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.3 watchOS versions prior to 10.3 tvOS versions prior to 17.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 **Description** The issue is related to the handling of temporary files, which may allow an app to access user-sensitive data. This could potentially bypass security restrictions and lead to unauthorized access to protected information. **Recommendations** For macOS Sonoma versions prior to 14.3, update to version 14.3 or later. For watchOS versions prior to 10.3, update to version 10.3 or later. For tvOS versions prior to 17.3, update to version 17.3 or later. For iOS versions prior to 17.3, update to version 17.3 or later. For iPadOS versions prior to 17.3, update to version 17.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.3 watchOS versions prior to 10.3 tvOS versions prior to 17.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 **Description** This issue was addressed with improved redaction of sensitive information. An app may be able to view a user's phone number in system logs. **Recommendations** For macOS Sonoma versions prior to 14.3, update to macOS Sonoma 14.3. For watchOS versions prior to 10.3, update to watchOS 10.3. For tvOS versions prior to 17.3, update to tvOS 17.3. For iOS versions prior to 17.3, update to iOS 17.3. For iPadOS versions prior to 17.3, update to iPadOS 17.3.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14.2 macOS Ventura versions prior to 13.6.3 macOS Monterey versions prior to 12.7.2 **Description** The issue is related to insufficient protection of registration data in the AppleEvents component of macOS, which may allow an unauthorized access to protected information. An app may be able to access information about a user's contacts. This issue was addressed with improved redaction of sensitive information. **Recommendations** For macOS versions prior to 14.2, update to macOS Sonoma 14.2. For macOS Ventura versions prior to 13.6.3, update to macOS Ventura 13.6.3. For macOS Monterey versions prior to 12.7.2, update to macOS Monterey 12.7.2.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.1 **Description** A permissions issue was addressed with additional restrictions. This issue may allow an app to access user-sensitive data. The vulnerability is related to insufficient access restrictions in the AppSandbox component of the macOS operating system, which could allow an attacker to execute arbitrary commands. **Recommendations** For macOS Sonoma versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive user data until the update is applied.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.7.1 macOS versions prior to 13.6.1 macOS versions prior to 14.1 **Description** A permissions issue was addressed with additional restrictions, which may allow an app to access sensitive user data. The issue is related to insufficient access control in the Mac OS operating system, potentially allowing a remote attacker to disclose protected information. **Recommendations** For macOS versions prior to 12.7.1, update to macOS Monterey 12.7.1 to resolve the issue. For macOS versions prior to 13.6.1, update to macOS Ventura 13.6.1 to resolve the issue. For macOS versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14.1 iOS versions prior to 17.1 iPadOS versions prior to 17.1 **Description** A privacy issue is related to insufficient protection of registration data in the Contacts component of iOS, macOS, and iPadOS operating systems. This issue may allow an attacker to disclose protected information. The problem is associated with inadequate private data redaction for log entries, potentially enabling an app to access sensitive user data. **Recommendations** For macOS versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue. For iOS versions prior to 17.1, update to iOS 17.1 to resolve the issue. For iPadOS versions prior to 17.1, update to iPadOS 17.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.7.1 macOS versions prior to 13.6.1 macOS versions prior to 14.1 **Description** The issue exists due to insufficient input validation in a component of the macOS operating system, specifically the File Provider. This can be exploited to cause a denial-of-service to Endpoint Security clients. An app may be able to cause this denial-of-service. **Recommendations** For macOS versions prior to 12.7.1, update to macOS Monterey 12.7.1 to resolve the issue. For macOS versions prior to 13.6.1, update to macOS Ventura 13.6.1 to resolve the issue. For macOS versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14 **Description** The issue is related to a lack of protection for service data in the FileProvider component of the macOS operating system. This may allow an attacker to disclose protected information. An app may be able to access user-sensitive data. The issue was addressed with improved data protection. **Recommendations** For versions prior to 14, update to macOS Sonoma 14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to Sonoma 14 **Description** A permissions issue was addressed with additional restrictions. This issue allows an app to potentially bypass Privacy preferences. **Recommendations** For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue. For macOS versions prior to Sonoma 14, update to macOS Sonoma 14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.5 **Description** The issue is related to insufficient access control in the Voice Memos component of the macOS operating system. It may allow an attacker to gain unauthorized access to sensitive information. The estimated number of potentially affected devices is not specified. **Recommendations** For versions prior to 13.5, update to macOS Ventura 13.5 to resolve the issue. As a temporary workaround, consider restricting access to sensitive user data until the update is applied.