← back
CVE-2023-42838

CVE-2023-42838

CVSS 8.2 HIGHEPSS 0.2%CWE-284
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Feb 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Apple · macOS