Apple Macos Monterey vulnerabilities

CVE-2023-42829 [MEDIUM] CVE-2023-42829: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-42829 Component: OpenSSH Impact: An app may be able to access SSH passphrases Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2023-32442 [MEDIUM] CVE-2023-32442: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-32442 Component: Shortcuts Impact: A shortcut may be able to modify sensitive Shortcuts app settings Description: An access issue was addressed with improved access restrictions.

CVE-2023-42831 [MEDIUM] CVE-2023-42831: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-42831 Component: Security Impact: An app may be able to fingerprint the user Description: This issue was addressed by removing the vulnerable code.

CVE-2023-34241 [MEDIUM] CVE-2023-34241: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-34241 Component: CUPS Impact: A user in a privileged network position may be able to leak sensitive information Description: A logic issue was addressed with improved state management.

CVE-2023-38606 [MEDIUM] CVE-2023-38606: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38606 Component: Kernel Impact: An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Description: This issue was addressed with improved state management.

CVE-2023-2426 [MEDIUM] CVE-2023-2426: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-2426 Component: CVE-2023-2426

CVE-2023-28320 [MEDIUM] CVE-2023-28320: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-28320 Component: CVE-2023-28320

CVE-2023-32422 [MEDIUM] CVE-2023-32422: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-32422 Component: SQLite Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by adding additional SQLite logging restrictions.

CVE-2023-38421 [MEDIUM] CVE-2023-38421: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38421 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-2609 [MEDIUM] CVE-2023-2609: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-2609 Component: CVE-2023-2609

CVE-2023-29491 [MEDIUM] CVE-2023-29491: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-29491 Component: CVE-2023-1916 Impact: An app may cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed with improved validation.

CVE-2023-38593 [MEDIUM] CVE-2023-38593: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38593 Component: Kernel Impact: A remote user may be able to cause a denial-of-service Description: The issue was addressed with improved checks.

CVE-2023-35983 [MEDIUM] CVE-2023-35983: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-35983 Component: Assets Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved data protection.

CVE-2023-32416 [MEDIUM] CVE-2023-32416: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-32416 Component: Find My Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2023-40442 [LOW] CVE-2023-40442: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-40442 Component: Accessibility Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-40392 [LOW] CVE-2023-40392: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-40392 Component: CFNetwork Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-38605 [LOW] CVE-2023-38605: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38605 Component: Weather Impact: An app may be able to determine a user’s current location Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-28322 [LOW] CVE-2023-28322: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-28322 Component: CVE-2023-28322

CVE-2023-32434 [HIGH] CVE-2023-32434: macOS Monterey 12.6.7 Apple Security Update: About the security content of macOS Monterey 12.6.7 Product: macOS Monterey Version: 12.6.7 CVE: CVE-2023-32434 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. Description: An integer overflow was addressed with improved input validation.

CVE-2023-32387 [CRITICAL] CVE-2023-32387: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32387 Component: CUPS Impact: An unauthenticated user may be able to access recently printed documents Description: An authentication issue was addressed with improved state management.