CVE-2023-41975

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Nov 2, 2023

Summary

CVE-2023-41975 is a vulnerability that allowed websites to access a macOS user's microphone without the microphone use indicator being displayed. Apple addressed this issue by removing the vulnerable code in macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1. This vulnerability posed a significant privacy concern for macOS users, as they may have been unaware that their microphone was being used. With the code removal, this vulnerability has been effectively mitigated.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tIy6ua
https://www.cve.org/CVERecord?id=CVE-2023-41975
https://nvd.nist.gov/vuln/detail/CVE-2023-41975

Back to Vulnerability Database