CVE-2023-42902

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 12, 2023

Updated: Dec 13, 2023

CWE ID 787

Summary

CVE-2023-42902 is a memory corruption vulnerability affecting macOS Sonoma. The issue, which has been resolved in version 14.2, stems from insufficient input validation. A maliciously crafted file can exploit this vulnerability to result in unexpected app termination or even arbitrary code execution. This puts users at risk of data theft or system compromise if they process such a file. Apple recommends users update to the latest macOS version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssAfnF
https://www.cve.org/CVERecord?id=CVE-2023-42902
https://nvd.nist.gov/vuln/detail/CVE-2023-42902

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners