VDB
CNVD-2024-17856
CNVD-2024-17856
PUBLISHED
CVSS 8.600000381469727 HIGH
Apple macOS Ventura是美国Apple公司的一个桌面操作系统。 Apple多款产品存在缓冲区溢出漏洞,该漏洞源于对输入验证不正确。攻击者可利用该漏洞使用内核权限执行任意代码。
Risk Scores
CVSS v3.1
8.600000381469727
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | macOS | unspecified, unspecified, unspecified |
| Apple | iOS and iPadOS | unspecified, unspecified |
Exploit Intelligence
- Abusing CVE-2023-28206 to make something useful (github-poc)
- Abusing CVE-2023-28206 to make something useful (github-poc)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28206 (circl)
- https://support.apple.com/en-us/HT213723 (circl)
- https://support.apple.com/en-us/HT213720 (circl)
- https://support.apple.com/en-us/HT213721 (circl)
- https://support.apple.com/en-us/HT213724 (circl)
- https://support.apple.com/en-us/HT213725 (circl)
- CIRCL exploited: CVE-2023-28206 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2023-28206 (circl-sighting)
…and 32 more exploits
Timeline
- Apr 10, 2023 CVE Published
- Apr 10, 2023 PoC Published
- Apr 10, 2023 PoC Published
- Apr 10, 2023 PoC Published
- Apr 11, 2023 CVE ID Reserved
- Apr 11, 2023 PoC Published
- Apr 11, 2023 PoC Published
- Apr 11, 2023 PoC Published
- Apr 11, 2023 PoC Published
- Apr 12, 2023 PoC Published
- Apr 13, 2023 PoC Published
- Apr 13, 2023 PoC Published
References
- https://support.apple.com/en-us/HT213723 url
- https://support.apple.com/en-us/HT213725 url
- https://support.apple.com/en-us/HT213724 url
- https://support.apple.com/en-us/HT213721 url
- https://support.apple.com/en-us/HT213720 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28206 url