Apple Macos Sonoma vulnerabilities

CVE-2023-42842 [MEDIUM] CVE-2023-42842: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42842 Component: Terminal Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved checks.

CVE-2023-42878 [MEDIUM] CVE-2023-42878: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42878 Component: Share Sheet Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-40413 [MEDIUM] CVE-2023-40413: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-40413 Component: Find My Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2023-41072 [MEDIUM] CVE-2023-41072: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41072 Component: Contacts Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42861 [MEDIUM] CVE-2023-42861: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42861 Component: Login Window Impact: An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac Description: A logic issue was addressed with improved state management.

CVE-2023-42836 [MEDIUM] CVE-2023-42836: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42836 Component: Sandbox Impact: An attacker may be able to access connected network volumes mounted in the home directory Description: A logic issue was addressed with improved checks.

CVE-2023-42849 [MEDIUM] CVE-2023-42849: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42849 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: The issue was addressed with improved memory handling.

CVE-2023-42438 [MEDIUM] CVE-2023-42438: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42438 Component: Safari Impact: Visiting a malicious website may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2023-42839 [MEDIUM] CVE-2023-42839: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42839 Component: Sandbox Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved state management.

CVE-2023-40408 [MEDIUM] CVE-2023-40408: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-40408 Component: Mail Drafts Impact: Hide My Email may be deactivated unexpectedly Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2023-42889 [MEDIUM] CVE-2023-42889: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42889 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: The issue was addressed with improved checks.

CVE-2023-42858 [MEDIUM] CVE-2023-42858: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42858 Component: WindowServer Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-42877 [MEDIUM] CVE-2023-42877: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42877 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-41977 [MEDIUM] CVE-2023-41977: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41977 Component: Safari Impact: Visiting a malicious website may reveal browsing history Description: The issue was addressed with improved handling of caches.

CVE-2023-41254 [MEDIUM] CVE-2023-41254: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41254 Component: Weather Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42854 [MEDIUM] CVE-2023-42854: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42854 Component: FileProvider Impact: An app may be able to cause a denial-of-service to Endpoint Security clients Description: This issue was addressed by removing the vulnerable code.

CVE-2023-42845 [MEDIUM] CVE-2023-42845: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42845 Component: Photos Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management.

CVE-2023-41997 [MEDIUM] CVE-2023-41997: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41997 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2023-41989 [MEDIUM] CVE-2023-41989: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41989 Component: Emoji Impact: An attacker may be able to execute arbitrary code as root from the Lock Screen Description: The issue was addressed by restricting options offered on a locked device.

CVE-2023-40421 [MEDIUM] CVE-2023-40421: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-40421 Component: CVE-2023-36191 Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.