PT-2023-6714 · Apple · Macos Ventura+1

Wenchao Li

Published

2023-02-13

Updated

2025-03-11

CVE-2023-23522

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS Ventura versions prior to 13.2.1

Description The issue is related to insecure temporary files in the Shortcuts component of macOS Ventura, which may allow an attacker to access confidential information. This privacy issue can be exploited by an app to observe unprotected user data due to improper handling of temporary files.

Recommendations For macOS Ventura versions prior to 13.2.1, update to version 13.2.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive data until the update is applied.

Fix

Insecure Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-922CWE-377

Related Identifiers

BDU:2023-07485

CVE-2023-23522

Affected Products

Apple Macos

Macos Ventura

PT-2023-6714 · Apple · Macos Ventura+1

CVE-2023-23522

Weakness Enumeration

Related Identifiers

Affected Products

References · 8