- Description
- This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.
- Source
- product-security@apple.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Threat Alert: macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published CVE-2023-32428 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/S0I2E1ecCu #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
3 Dec 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2023-5717: Linux Kernel Perf OOB write https://t.co/OrswxjrtZb 2. CVE-2023-32428: macOS LPE via Malloc Stack Logging https://t.co/rvTmmxSNLh ]-> PoC 3. CVE-2024-44175: macOS diskarbitrationd Symlink Validation (TOCTOU LPE) https://t.co/sK8bF6BUIH
@ksg93rd
30 Nov 2024
255 Impressions
5 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
badmalloc (CVE-2023-32428) - a macOS LPE https://t.co/bWjyDue5QY #Pentesting #CyberSecurity #Infosec https://t.co/YBlj3m4zAc
@ptracesecurity
28 Nov 2024
1641 Impressions
5 Retweets
29 Likes
8 Bookmarks
0 Replies
0 Quotes
macOSでroot権限を取得可能なローカル権限昇格脆弱性CVE-2023-32428について、Poc(攻撃の概念実証コード)が公開された。MallocStackLoggingフレームワークにおける脆弱性で、このフレームワークは特別な権限無しに任意のプロセスにロードされることが可能な点を悪用。 https://t.co/mv2RwX3B2m
@__kokumoto
27 Nov 2024
2148 Impressions
14 Retweets
37 Likes
5 Bookmarks
0 Replies
0 Quotes
macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published https://t.co/REwku94M7o
@Dinosn
27 Nov 2024
19397 Impressions
110 Retweets
314 Likes
98 Bookmarks
3 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67",
"versionEndExcluding": "16.5"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E",
"versionEndExcluding": "16.5"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B",
"versionEndExcluding": "13.4",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9",
"versionEndExcluding": "16.5"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C",
"versionEndExcluding": "9.5"
}
],
"operator": "OR"
}
]
}
]