PT-2023-28621 · Apple · Macos Sonoma+1

Brandon Chesser

Published

2023-10-25

Updated

2024-06-10

CVE-2023-42861

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS Sonoma versions prior to 14.1

Description A logic issue was addressed with improved state management, allowing an attacker with knowledge of a standard user's credentials to unlock another standard user's locked screen on the same Mac.

Recommendations For macOS Sonoma versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2023-42861

Affected Products

Apple Macos

Macos Sonoma

PT-2023-28621 · Apple · Macos Sonoma+1

CVE-2023-42861

Weakness Enumeration

Related Identifiers

Affected Products

References · 8