First published: Wed Oct 25 2023(Updated: )
PackageKit. The issue was addressed with improved checks.
Credit: Mickey Jin @patch1t Offensive Security Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Offensive Security Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Offensive Security Offensive SecurityCsaba Fitzl @theevilbit Offensive Security product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS | <14.1 | 14.1 |
macOS | <12.7.1 | 12.7.1 |
macOS Ventura | <13.6.1 | 13.6.1 |
macOS | >=12.0<12.7.1 | |
macOS | >=13.0<13.6.1 | |
macOS | =14.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-42840 has a medium severity rating, indicating potential risks to user-sensitive data.
To fix CVE-2023-42840, upgrade to macOS Sonoma 14.1, macOS Monterey 12.7.1, or macOS Ventura 13.6.1.
CVE-2023-42840 affects macOS versions from 12.0 up to 12.7.1 and from 13.0 up to 13.6.1.
CVE-2023-42840 may allow apps to access user-sensitive data.
CVE-2023-42840 was disclosed as part of Apple's security updates for macOS.