PT-2023-4205 · Apple · Grapher+4

Bool

Published

2023-07-24

Updated

2023-08-02

CVE-2023-36854

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS Big Sur versions 11.7.9 and earlier macOS Monterey versions 12.6.8 and earlier macOS Ventura versions 13.5 and earlier

Description The issue is related to insufficient input validation in the Grapher component of macOS operating systems, which may lead to unexpected app termination or arbitrary code execution when processing a file.

Recommendations For macOS Big Sur version 11.7.9 and earlier, update to version 11.7.9 or later. For macOS Monterey version 12.6.8 and earlier, update to version 12.6.8 or later. For macOS Ventura version 13.5 and earlier, update to version 13.5 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2023-04520

CVE-2023-36854

Affected Products

Grapher

Apple Macos

Macos Big Sur

Macos Monterey

Macos Ventura

PT-2023-4205 · Apple · Grapher+4

CVE-2023-36854

Weakness Enumeration

Related Identifiers

Affected Products

References · 7