CVE-2023-42829

MEDIUM | Platform: macOS | Changelog

CVE Details

Description

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases.

CVSS 3.1 Score

Metric	Value
Base Score	5.5 (MEDIUM)
Vector	`CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N`

Weakness

CWE-200

References

Apple Security Advisory
NVD Entry
https://support.apple.com/en-us/HT213843 (Release Notes, Vendor Advisory)
https://support.apple.com/en-us/HT213844 (Release Notes, Vendor Advisory)
https://support.apple.com/en-us/HT213845 (Release Notes, Vendor Advisory)