CVE-2023-42935

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 23, 2024

Updated: Jan 29, 2024

Summary

CVE-2023-42935 is a newly identified authentication issue affecting macOS Ventura. The vulnerability involves insufficient state management, which could enable a local attacker to access the desktop of the previously logged-in user via the fast user switching screen. Apple addressed this security weakness in macOS Ventura 13.6.4 by improving the system's authentication processes. This issue may pose a privacy concern for users, as unauthorized individuals could potentially view sensitive information on the previous user's desktop.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAfnX
https://www.cve.org/CVERecord?id=CVE-2023-42935
https://nvd.nist.gov/vuln/detail/CVE-2023-42935

Back to Vulnerability Database