Apple Macos Monterey vulnerabilities

CVE-2023-32412 [CRITICAL] CVE-2023-32412: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32412 Component: Telephony Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32401 [HIGH] CVE-2023-32401: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32401 Component: Quick Look Impact: Parsing an office document may lead to an unexpected app termination or arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking.

CVE-2023-32413 [HIGH] CVE-2023-32413: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32413 Component: Kernel Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2023-32384 [HIGH] CVE-2023-32384: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32384 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking.

CVE-2023-32380 [HIGH] CVE-2023-32380: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32380 Component: Model I/O Impact: Processing a 3D model may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2023-32357 [HIGH] CVE-2023-32357: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32357 Component: Sandbox Impact: An app may be able to retain access to system configuration files even after its permission is revoked Description: An authorization issue was addressed with improved state management.

CVE-2023-32398 [HIGH] CVE-2023-32398: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32398 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32397 [HIGH] CVE-2023-32397: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32397 Component: Shell Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2023-32428 [HIGH] CVE-2023-32428: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32428 Component: MallocStackLogging Impact: An app may be able to gain root privileges Description: This issue was addressed with improved file handling.

CVE-2023-32405 [HIGH] CVE-2023-32405: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32405 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-32383 [HIGH] CVE-2023-32383: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32383 Component: AppleMobileFileIntegrity Impact: An app may be able to inject code into sensitive binaries bundled with Xcode Description: This issue was addressed by forcing hardened runtime on the affected binaries at the system level.

CVE-2023-27945 [MEDIUM] CVE-2023-27945: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-27945 Component: Dev Tools Impact: A sandboxed app may be able to collect system logs Description: This issue was addressed with improved entitlements.

CVE-2023-32395 [MEDIUM] CVE-2023-32395: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32395 Component: Perl Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2023-32408 [MEDIUM] CVE-2023-32408: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32408 Component: TV App Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2023-32410 [MEDIUM] CVE-2023-32410: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32410 Component: IOSurface Impact: An app may be able to leak sensitive kernel state Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32407 [MEDIUM] CVE-2023-32407: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32407 Component: Metal Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management.

CVE-2023-32352 [MEDIUM] CVE-2023-32352: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32352 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-32388 [MEDIUM] CVE-2023-32388: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32388 Component: Accessibility Impact: An app may be able to bypass Privacy preferences Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-32355 [MEDIUM] CVE-2023-32355: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32355 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2023-32411 [MEDIUM] CVE-2023-32411: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32411 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved entitlements.