CVE-2023-23501 : The issue was addressed with improved memory handling This issue is fixed in mac

The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory.

Published 2023-02-27 20:15:13

Updated 2023-07-27 04:15:13

Source Apple Inc.

View at NVD, CVE.org

Products affected by CVE-2023-23501

Apple » Macos
Versions before (<) 13.2
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 16 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

Assigned by: nvd@nist.gov (Primary)

Jump to