PT-2023-8335 · Apple · Apple Macos+2

Gergely Kalman

Published

2023-09-26

Updated

2023-10-05

CVE-2023-41986

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14 iOS versions prior to 17 iPadOS versions prior to 17

Description The issue is related to insufficient access restrictions in the Music component of macOS, iPadOS, and iOS operating systems. Exploitation of this issue may allow an attacker to elevate their privileges. An app may be able to modify protected parts of the file system.

Recommendations For macOS versions prior to Sonoma 14, update to macOS Sonoma 14 to resolve the issue. For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2024-00489

CVE-2023-41986

Affected Products

Apple Macos

Ios

Ipados

PT-2023-8335 · Apple · Apple Macos+2

CVE-2023-41986

Weakness Enumeration

Related Identifiers

Affected Products

References · 11