CVE-2023-38571

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 28, 2023

Updated: Aug 3, 2023

Summary

CVE-2023-38571 is a vulnerability affecting multiple Apple operating systems, including macOS Big Sur 11.7.9, macOS Monterey 12.6.8, and macOS Ventura 13.5. The issue stems from insufficient validation of symlinks, allowing an application to bypass Privacy preferences. By exploiting this weakness, apps could potentially access user data or perform unauthorized actions, undermining the intended privacy protections. The vulnerability has been rectified in the latest updates to the affected operating systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sD0QIs
https://www.cve.org/CVERecord?id=CVE-2023-38571
https://nvd.nist.gov/vuln/detail/CVE-2023-38571

Back to Vulnerability Database