CVE-2023-42892

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 28, 2024

Updated: Apr 8, 2024

CWE ID 416

Summary

CVE-2023-42892: A use-after-free vulnerability, which allows a local attacker to potentially elevate their privileges, has been addressed with improved memory management in macOS Ventura 13.6.3, macOS Sonoma 14.2, and macOS Monterey 12.7.2. Users are strongly advised to update their operating systems to mitigate this risk, as an attacker could exploit this issue to gain unauthorized access. The flaw enables an attacker to manipulate memory in a way that it is used after it has been freed, creating a security loophole.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAv0e
https://www.cve.org/CVERecord?id=CVE-2023-42892
https://nvd.nist.gov/vuln/detail/CVE-2023-42892

Back to Vulnerability Database