First published: Mon Mar 27 2023(Updated: )
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system
Credit: product-security@apple.com product-security@apple.com Mickey Jin @patch1t FFRI Security IncKoh M. Nakagawa FFRI Security Inc Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t FFRI Security IncKoh M. Nakagawa FFRI Security Inc Offensive SecurityCsaba Fitzl @theevilbit Offensive Security
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS | <12.6.4 | |
Apple macOS | >=13.0<13.3 | |
<12.6.4 | 12.6.4 | |
Apple macOS Ventura | <13.3 | 13.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2023-23533 is medium with a severity value of 5.5.
Due to a logic issue, an app may be able to modify protected parts of the file system in CVE-2023-23533.
Versions up to but excluding macOS Ventura 13.3 are affected by CVE-2023-23533.
CVE-2023-23533 is fixed in macOS Ventura 13.3 and macOS Monterey 12.6.4.
You can find more information about CVE-2023-23533 on the Apple support website at the following URLs: [https://support.apple.com/en-us/HT213670](https://support.apple.com/en-us/HT213670) and [https://support.apple.com/en-us/HT213677](https://support.apple.com/en-us/HT213677).