CVE-2023-42886
CVE-2023-42886
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Dec 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution.
Affected products
Apple · macOSReferences
http://seclists.org/fulldisclosure/2023/Dec/10http://seclists.org/fulldisclosure/2023/Dec/11http://seclists.org/fulldisclosure/2023/Dec/9https://support.apple.com/en-us/HT214036https://support.apple.com/en-us/HT214037https://support.apple.com/en-us/HT214038https://support.apple.com/kb/HT214036https://support.apple.com/kb/HT214037https://support.apple.com/kb/HT214038