PT-2023-27452 · Apple · Xcode+1
James Duffy
·
Published
2023-09-18
·
Updated
2023-10-12
·
CVE-2023-40435
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Xcode versions prior to 15
Description
The issue allows an app to potentially access App Store credentials. It was addressed by enabling hardened runtime.
Recommendations
For versions prior to 15, update to Xcode 15 to resolve the issue. As a temporary workaround, consider enabling hardened runtime until the update is applied.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apple Macos
Xcode