PT-2023-28651 · Apple · Macos Monterey+7

Guluisacat

Published

2023-12-11

Updated

2025-03-13

CVE-2023-42947

CVSS v3.1

8.6

High

Vector

AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS Monterey versions prior to 12.7.2 macOS Ventura versions prior to 13.6.3 iOS versions prior to 17.2 iPadOS versions prior to 17.2 tvOS versions prior to 17.2 watchOS versions prior to 10.2 macOS Sonoma versions prior to 14.2

Description A path handling issue was addressed with improved validation, which may allow an app to break out of its sandbox.

Recommendations For macOS Monterey, update to version 12.7.2 or later. For macOS Ventura, update to version 13.6.3 or later. For iOS, update to version 17.2 or later. For iPadOS, update to version 17.2 or later. For tvOS, update to version 17.2 or later. For watchOS, update to version 10.2 or later. For macOS Sonoma, update to version 14.2 or later.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2023-42947

Affected Products

Apple Macos

Ios

Ipados

Macos Monterey

Macos Sonoma

Macos Ventura

Tvos

Watchos

PT-2023-28651 · Apple · Macos Monterey+7

CVE-2023-42947

Weakness Enumeration

Related Identifiers

Affected Products

References · 15