Apple Macos Monterey vulnerabilities

CVE-2023-41975 [MEDIUM] CVE-2023-41975: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-41975 Component: WindowServer Impact: A website may be able to access the microphone without the microphone use indicator being shown Description: This issue was addressed by removing the vulnerable code.

CVE-2023-42854 [MEDIUM] CVE-2023-42854: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42854 Component: FileProvider Impact: An app may be able to cause a denial-of-service to Endpoint Security clients Description: This issue was addressed by removing the vulnerable code.

CVE-2023-42859 [MEDIUM] CVE-2023-42859: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42859 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-42840 [MEDIUM] CVE-2023-42840: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42840 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-42860 [MEDIUM] CVE-2023-42860: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42860 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2023-42952 [MEDIUM] CVE-2023-42952: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42952 Component: Automation Impact: An app with root privileges may be able to access private information Description: The issue was addressed with improved checks.

CVE-2023-42823 [MEDIUM] CVE-2023-42823: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42823 Component: CVE-2023-42823

CVE-2023-42853 [MEDIUM] CVE-2023-42853: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42853 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved checks.

CVE-2023-36191 CVE-2023-36191: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-36191 Component: CVE-2023-36191 Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-41984 [HIGH] CVE-2023-41984: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-41984 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-40452 [HIGH] CVE-2023-40452: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40452 Component: Sandbox Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved bounds checks.

CVE-2023-40409 [HIGH] CVE-2023-40409: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40409 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-41992 [HIGH] CVE-2023-41992: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-41992 Component: Kernel Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Description: The issue was addressed with improved checks.

CVE-2023-40454 [HIGH] CVE-2023-40454: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40454 Component: Kernel Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Description: The issue was addressed with improved checks.

CVE-2023-40412 [HIGH] CVE-2023-40412: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40412 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-41073 [MEDIUM] CVE-2023-41073: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-41073 Component: Kernel Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Description: The issue was addressed with improved checks.

CVE-2023-40406 [MEDIUM] CVE-2023-40406: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40406 Component: ColorSync Impact: An app may be able to read arbitrary files Description: The issue was addressed with improved checks.

CVE-2023-40410 [MEDIUM] CVE-2023-40410: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40410 Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-41968 [MEDIUM] CVE-2023-41968: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-41968 Component: Disk Management Impact: An app may be able to read arbitrary files Description: This issue was addressed with improved validation of symlinks.

CVE-2023-40420 [MEDIUM] CVE-2023-40420: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40420 Component: CoreAnimation Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved memory handling.