Apple Macos Monterey vulnerabilities

CVE-2024-23218 [MEDIUM] CVE-2024-23218: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23218 Component: CoreCrypto Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key Description: A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions.

CVE-2024-23272 [MEDIUM] CVE-2024-23272: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23272 Component: Storage Services Impact: A user may gain access to protected parts of the file system Description: A logic issue was addressed with improved checks.

CVE-2024-23269 [MEDIUM] CVE-2024-23269: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23269 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2023-28826 [MEDIUM] CVE-2023-28826: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2023-28826 Component: MediaRemote Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23264 [MEDIUM] CVE-2024-23264: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23264 Component: Metal Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2024-23230 [MEDIUM] CVE-2024-23230: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23230 Component: SharedFileList Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved file handling.

CVE-2024-23227 [LOW] CVE-2024-23227: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23227 Component: Airport Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23245 [LOW] CVE-2024-23245: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23245 Component: Shortcuts Impact: Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-23257 [LOW] CVE-2024-23257: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23257 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-38545 [CRITICAL] CVE-2023-38545: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-38545 Component: CVE-2023-38545

CVE-2024-23222 [HIGH] CVE-2024-23222: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2024-23222 Component: CVE-2024-23222

CVE-2023-38039 [HIGH] CVE-2023-38039: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-38039 Component: CVE-2023-38039

CVE-2024-27791 [HIGH] CVE-2024-27791: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2024-27791 Component: Power Manager Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved checks.

CVE-2024-23212 [HIGH] CVE-2024-23212: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2024-23212 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23207 [MEDIUM] CVE-2024-23207: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2024-23207 Component: Mail Search Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42888 [MEDIUM] CVE-2023-42888: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-42888 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-42937 [MEDIUM] CVE-2023-42937: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-42937 Component: Accessibility Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-38546 [LOW] CVE-2023-38546: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-38546 Component: CVE-2023-38546

CVE-2023-42947 [HIGH] CVE-2023-42947: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2023-42947 Component: TCC Impact: An app may be able to break out of its sandbox Description: A path handling issue was addressed with improved validation.

CVE-2023-42974 [HIGH] CVE-2023-42974: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2023-42974 Component: IOUSBDeviceFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.