First published: Mon Jan 23 2023(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to gain root privileges.
Credit: Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Monterey | <12.6.3 | 12.6.3 |
Apple macOS Big Sur | <11.7.3 | 11.7.3 |
Apple macOS | >=11.0<11.7.3 | |
Apple macOS | >=12.0.0<12.6.3 | |
Apple macOS | >=13.0<13.2 | |
<13.2 | 13.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-23497 is a vulnerability in PackageKit that allows an app to gain root privileges.
CVE-2023-23497 has a severity rating of 7.8 (high).
To fix CVE-2023-23497, update your macOS to Big Sur 11.7.3, Monterey 12.6.3, or Ventura 13.2.
You can find more information about CVE-2023-23497 on the Apple support website.