CVE-2023-42829

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 10, 2024

Updated: Jan 17, 2024

Summary

CVE-2023-42829 is a vulnerability affecting macOS where an app could potentially access SSH passphrases. The issue has been resolved with added restrictions on app state observability in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, and macOS Ventura 13.5. This security flaw posed a significant risk to user data as passphrases provide an essential layer of protection for SSH-secured connections. With the fix in place, the vulnerability is now mitigated, safeguarding user data from potential unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAoG6
https://www.cve.org/CVERecord?id=CVE-2023-42829
https://nvd.nist.gov/vuln/detail/CVE-2023-42829

Back to Vulnerability Database