CVE-2023-28206

Published at:
2023-04-10T19:15:07.273
Source: [email protected]

Global infos:

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

CVE Status: Modified

References:

  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorLOCAL
    Availability ImpactHIGH
    Base Score8.6
    Base SeverityHIGH
    Confidentiality ImpactHIGH
    Integrity ImpactHIGH
    Privileges RequiredNONE
    ScopeCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
    Exploitability Score1.8
    Impact Score6
    Source[email protected]
    TypePrimary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords