PT-2023-28644 · Apple · Diskutil+1

Yann Gascuel · Published 2023-12-11 · Updated 2024-07-03 · CVE-2023-42931

CVSS v3.1: 8.3 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

macOS versions prior to 12.7.2
macOS versions prior to 13.6.3
macOS versions prior to 14.2

Description

A process may gain admin privileges without proper authentication. The issue was addressed with improved checks. Unprivileged users, including those with guest access, may escalate permissions and gain full root control over the system. This is achieved through exploitation of the "diskutil" command line utility, which allows local users to mount filesystems with particular settings.

Recommendations

For macOS versions prior to 12.7.2, update to macOS Monterey 12.7.2 or later.
For macOS versions prior to 13.6.3, update to macOS Ventura 13.6.3 or later.
For macOS versions prior to 14.2, update to macOS Sonoma 14.2 or later.
As a temporary workaround, consider restricting access to the diskutil command line utility until a patch is available.

Exploit

Fix

Related Identifiers

CVE-2023-42931

Affected Products

Apple macOS
Diskutil