First published: Mon Jul 24 2023(Updated: )
PackageKit. The issue was addressed with improved checks.
Credit: Mickey Jin @patch1t product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13.5 | 13.5 | |
Apple macOS | >=13.0<13.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-38564 is a vulnerability in PackageKit, a package manager for macOS, that allows an app to modify protected parts of the file system.
CVE-2023-38564 has a severity rating of 7.5 (high).
CVE-2023-38564 was fixed with improved checks in the macOS Ventura 13.5 update.
CVE-2023-38564 affects macOS Ventura versions up to, but excluding, 13.5.
You can find more information about CVE-2023-38564 in the Apple support article at https://support.apple.com/en-us/HT213843.