CVE-2023-38571
HIGH | Platform: macOS | Changelog
CVE Details
Description
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/HT213843 (Vendor Advisory)
- https://support.apple.com/en-us/HT213844 (Vendor Advisory)
- https://support.apple.com/en-us/HT213845 (Vendor Advisory)
- https://support.apple.com/kb/HT213843 (Vendor Advisory)
- https://support.apple.com/kb/HT213845 (Vendor Advisory)