CVE-2023-41975 — Apple Macos vulnerability

5 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 60.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple Macos Monterey Apple Macos Sonoma +1 more

Timeline

PublishedOct 25

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access the microphone without the microphone use indicator being shown.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

▶Appleapple/macos_sonoma14.1

▶Appleapple/macos_ventura13.6.1

▶Appleapple/macos_monterey12.7.1

▶CVEListV5apple/macosunspecified — 14.1+2

▶NVDapple/macos12.0.0 — 12.7.1+2

🔴Vulnerability Details

GHSA

GHSA-7379-vgf5-fcwc: This issue was addressed by removing the vulnerable code↗2023-10-25

▶

📋Vendor Advisories

Apple

CVE-2023-41975: macOS Sonoma 14.1↗2023-10-25

▶

Apple

CVE-2023-41975: macOS Monterey 12.7.1↗2023-10-25

▶

Apple

CVE-2023-41975: macOS Ventura 13.6.1↗2023-10-25

▶