Apple Macos Monterey vulnerabilities

CVE-2023-23517 [HIGH] CVE-2023-23517: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23517 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23504 [HIGH] CVE-2023-23504: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23504 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23516 [HIGH] CVE-2023-23516: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23516 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23502 [MEDIUM] CVE-2023-23502: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23502 Component: Kernel Impact: An app may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-23499 [MEDIUM] CVE-2023-23499: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23499 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime.

CVE-2023-23508 [MEDIUM] CVE-2023-23508: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23508 Component: Windows Installer Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling.

CVE-2023-27931 [MEDIUM] CVE-2023-27931: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-27931 Component: TCC Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2023-23511 [MEDIUM] CVE-2023-23511: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23511 Component: Weather Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling.

CVE-2022-35260 [MEDIUM] CVE-2022-35260: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2022-35260 Component: CVE-2022-35260 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.85.0.

CVE-2023-23505 [LOW] CVE-2023-23505: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23505 Component: Screen Time Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-23493 [LOW] CVE-2023-23493: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23493 Component: DiskArbitration Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password Description: A logic issue was addressed with improved state management.

CVE-2022-35252 [LOW] CVE-2022-35252: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2022-35252 Component: CVE-2022-35252 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2022-42834 [LOW] CVE-2022-42834: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2022-42834 Component: Mail Impact: An app may be able to access mail folder attachments through a temporary directory used during compression Description: An access issue was addressed with improved access restrictions.

CVE-2023-23513 [LOW] CVE-2023-23513: macOS Monterey 12.6.3 Apple Security Update: About the security content of macOS Monterey 12.6.3 Product: macOS Monterey Version: 12.6.3 CVE: CVE-2023-23513 Component: CVE-2022-35252 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2022-42842 [CRITICAL] CVE-2022-42842: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-42842 Component: Kernel Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling.

CVE-2022-42840 [HIGH] CVE-2022-42840: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-42840 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2022-42841 [HIGH] CVE-2022-42841: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-42841 Component: Weather Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2022-42861 [HIGH] CVE-2022-42861: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-42861 Component: File System Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks.

CVE-2022-42845 [HIGH] CVE-2022-42845: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-42845 Component: Kernel Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-40304 [HIGH] CVE-2022-40304: macOS Monterey 12.6.2 Apple Security Update: About the security content of macOS Monterey 12.6.2 Product: macOS Monterey Version: 12.6.2 CVE: CVE-2022-40304 Component: Kernel Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling.