CVE-2023-42826

Name of the Vulnerable Software and Affected Versions macOS versions prior to 14

Description The issue is related to a buffer out-of-bounds write in the Model I/O framework of the macOS operating system. It may allow an attacker to execute arbitrary code with the help of a specially crafted file. Interaction with the Hydra library is required to exploit this issue, but attack vectors may vary. Processing a file may lead to arbitrary code execution.

Recommendations For versions prior to 14, update to macOS Sonoma 14 to resolve the issue. As a temporary workaround, consider avoiding the processing of potentially malicious files until the update is applied. Restrict access to the Hydra library to minimize the risk of exploitation.