CVE-2023-42891

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 12, 2023

Updated: Dec 13, 2023

Summary

CVE-2023-42891 refers to a recently identified authentication issue affecting multiple versions of macOS. This vulnerability, now resolved in Sonoma 14.2, Ventura 13.6.3, and Monterey 12.7.2, allowed applications to surreptitiously monitor keystrokes without obtaining proper user authorization. The improved state management in these updates addresses the underlying issue, providing enhanced security to users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAoF8
https://www.cve.org/CVERecord?id=CVE-2023-42891
https://nvd.nist.gov/vuln/detail/CVE-2023-42891

Back to Vulnerability Database