CVE-2023-40392

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Sep 6, 2023

Updated: Dec 22, 2023

CWE ID 532

Summary

CVE-2023-40392 is a privacy vulnerability affecting macOS Ventura. This issue was resolved in version 13.5, as it allowed certain apps to access sensitive location information from log entries despite privacy redactions. Prior to the update, private data in log entries was not adequately redacted, potentially exposing user location data to unintended applications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
MacOS
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWE10u
https://www.cve.org/CVERecord?id=CVE-2023-40392
https://nvd.nist.gov/vuln/detail/CVE-2023-40392

Back to Vulnerability Database