CVE-2023-36854

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 27, 2023

Updated: Aug 2, 2023

Summary

CVE-2023-36854 is a newly identified vulnerability in macOS that could lead to arbitrary code execution or unexpected app termination while processing a file. The flaw has been addressed in the latest updates of macOS Monterey 12.6.8, macOS Ventura 13.5, and macOS Big Sur 11.7.9 with improved checks. Prior to these patches, an attacker could potentially exploit the vulnerability to execute malicious code and gain unauthorized access to a system. Users are strongly encouraged to update their macOS installations as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sD0M-q
https://www.cve.org/CVERecord?id=CVE-2023-36854
https://nvd.nist.gov/vuln/detail/CVE-2023-36854

Back to Vulnerability Database