CVE-2023-40425

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Nov 2, 2023

CWE ID 532

Summary

CVE-2023-40425 is a privacy vulnerability affecting macOS Monterey. It was addressed in the 12.7.1 update with improved private data redaction for log entries. Prior to this fix, an app with root privileges could potentially gain access to sensitive information despite the redaction efforts. This issue could have significant implications for user privacy and security. It is essential for users to keep their systems updated to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWFKuU
https://www.cve.org/CVERecord?id=CVE-2023-40425
https://nvd.nist.gov/vuln/detail/CVE-2023-40425

Back to Vulnerability Database