First published: Mon Mar 27 2023(Updated: )
AMD. A buffer overflow issue was addressed with improved memory handling.
Credit: Joshua Jones Ye Zhang @VAR10CK Baidu Securityan anonymous researcher Csaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t ryuzaki Murray Mike Arsenii Kostromin (0x3c3e) Félix Poulin-Bélanger David Pan Ogea Xinru Chi Pangu LabNed Williamson Google Project ZeroPan ZhenPeng STAR Labs SG PteZweig Kunlun LabZhuowei Zhang Adam M. Guilherme Rambo Best Buddy AppsCVE-2023-0433 CVE-2023-0512 Brandon Dalton @partyD0lphin Red CanaryRıza Sabuncu @rizasabuncu JeongOhKyea Tingting Yin Tsinghua UniversityAleksandar Nikolic Cisco TalosAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Mohamed GHANNAM @_simo36 product-security@apple.com sqrtpwn Mickey Jin @patch1t FFRI Security IncKoh M. Nakagawa FFRI Security Inc Offensive SecurityYiğit Can YILMAZ @yilmazcanyigit Jubaer Alnazi Jabin TRS Group Of CompaniesWenchao Li Alibaba GroupXiaolong Bai Alibaba GroupMeysam Firouzi @R00tkitSMM Mbition Mercedesjzhu Trend Micro Zero Day InitiativePan ZhenPeng @Peterpan0927 STAR Labs SG PteAdam Doupé ASU SEFCOMan anonymous researcher Red CanaryMilan Tenk F FArthur Valiev FdevelopStorm Khiem Tran Masahiro Kawada @kawakatz GMO Cybersecurity by Ierae Alibaba GroupXin Huang @11iaxH CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 Gertjan Franken imecKU Leuven hazbinhotel Trend Micro Zero Day InitiativeGeorgy Kucherin @kucher1n KasperskyLeonid Bezvershenko @bzvr_ KasperskyBoris Larin @oct0xor Kaspersky KasperskyValentin Pashkov KasperskyAnonymous Trend Micro Zero Day InitiativeDohyun Lee @l33d0hyun SSD Labscrixer @pwning_me SSD LabsJubaer Alnazi TRS Group of CompaniesMikko Kenttälä ) @Turmio_ SensorFuChan Shue Long Offensive SecurityJunoh Lee at Theori CVE-2022-43551 CVE-2022-43552 ABC Research s.r.o. Mohamed Ghannam @_simo36
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS | <11.7.5 | 11.7.5 |
Apple iOS and macOS | <11.7.5 | |
Apple iOS and macOS | >=12.0.0<12.6.4 | |
Apple iOS and macOS | >=13.0<13.3 | |
macOS | <12.6.4 | 12.6.4 |
macOS Ventura | <13.3 | 13.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2023-28197 is a vulnerability in Messages on macOS Ventura that allows unauthorized access.
The severity of CVE-2023-28197 is not specified in the provided information.
CVE-2023-28197 affects macOS Ventura version 13.3.
To fix CVE-2023-28197, update macOS Ventura to version 13.3 or later by following the instructions provided by Apple.
More information about CVE-2023-28197 can be found on the Apple support website: https://support.apple.com/en-us/HT213670