CVE-2023-42854
First published: Wed Oct 25 2023(Updated: )
FileProvider. This issue was addressed by removing the vulnerable code.
Credit: Noah Roskin-Frazee Pr Noah Roskin-Frazee Pr Noah Roskin-Frazee Pr product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Monterey | <12.7.1 | 12.7.1 |
| Apple macOS Ventura | <13.6.1 | 13.6.1 |
| Apple macOS Sonoma | <14.1 | 14.1 |
| Apple macOS | >=12.0<12.7.1 | |
| Apple macOS | >=13.0<13.6.1 | |
| Apple macOS | >=14.0<14.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213983 (Advisory)
- https://support.apple.com/en-us/HT213984 (Advisory)
- https://support.apple.com/en-us/HT213985 (Advisory)
- https://support.apple.com/kb/HT213984
- https://support.apple.com/kb/HT213985
- https://support.apple.com/kb/HT213983
- http://seclists.org/fulldisclosure/2023/Oct/21
- http://seclists.org/fulldisclosure/2023/Oct/24
- http://seclists.org/fulldisclosure/2023/Oct/26
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-42952
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-42854
- CVE-2023-40413
- CVE-2023-42844
- CVE-2023-40446
- CVE-2023-40416
- CVE-2023-40423
- CVE-2023-42849
- CVE-2023-42856
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42889
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42873
- CVE-2023-40425
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-41975
- CVE-2023-42858
- CVE-2023-41077
- CVE-2023-42848
- CVE-2023-38403
- CVE-2023-42942
- CVE-2023-40401
- CVE-2023-42841
- CVE-2023-41254
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42945
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-41989
- CVE-2023-42834
- CVE-2023-42953
- CVE-2023-42850
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40408
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-40404
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42838
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-42836
- CVE-2023-42839
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-41983
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2023-42854.
What is the description of the vulnerability?
The vulnerability allows an app to cause a denial-of-service to Endpoint Security clients.
How was this vulnerability fixed?
The vulnerability was fixed by removing the vulnerable code.
Which versions of macOS are affected?
macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1 are affected.
How can I fix this vulnerability?
Update to the latest version of macOS Sonoma 14.1, macOS Monterey 12.7.1, or macOS Ventura 13.6.1.
- collector/mitre-cve
- collector/nvd-api
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/references
- agent/description
- agent/author
- agent/last-modified-date
- agent/tags
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- vendor/apple
- canonical/apple macos
- version/apple macos/12.0
- version/apple macos/13.0
- version/apple macos/14.0
- canonical/apple macos monterey
- canonical/apple macos ventura
- canonical/apple macos sonoma