CVE-2023-32379
In Apple macOS existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Accessibility", "AppleEvents", "AppleMobileFileIntegrity", "Associated Domains", "Contacts", "CoreLocation","CoreCapture", "Core Services", "CUPS", "dcerpc", "Dev Tools", "DesktopServices", "GeoServices", "ImageIO", "IOSurface", "IOSurfaceAccelerator", "Kernel, "LaunchServices", "libxpc", "Metal", "Model I/O", "NetworkExtension", "PackageKit", "PDFKit", "Perl", "Photos", "Sandbox", "Screen Saver","Shell", "Security", "Shortcuts", "Siri", "SQLite", "StorageKit", "System Settings", "Telephony", "TV App", "Weather", "WebKit" sowie "Wi-Fi". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Administratorrechte zu erlangen, beliebigen Programmcode auszuführen, seine Privilegien zu erweitern, Informationen offenzulegen, Dateien zu manipulieren, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
EPSS 0.09% · 24.9th percentile
Risk Scores
Exploit Intelligence
- CIRCL seen: CVE-2023-32379 (circl-sighting)
- https://support.apple.com/en-us/HT213758 (circl)
- https://support.apple.com/kb/HT213758 (circl)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
…and 5 more exploits
Timeline
- May 18, 2023 CVE Published
- Sep 6, 2023 EPSS Score
- Sep 6, 2023 PoC Published
- Oct 9, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
- Jan 15, 2024 EPSS Score
- Feb 16, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 22, 2024 EPSS Score
- May 24, 2024 EPSS Score
- Jun 26, 2024 EPSS Score