Apple Macos Sonoma vulnerabilities

CVE-2023-41988 [MEDIUM] CVE-2023-41988: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41988 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2023-40444 [MEDIUM] CVE-2023-40444: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-40444 Component: AppSandbox Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-42953 [MEDIUM] CVE-2023-42953: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42953 Component: Game Center Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-42823 [MEDIUM] CVE-2023-42823: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42823 Component: CVE-2023-42823

CVE-2023-42859 [MEDIUM] CVE-2023-42859: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42859 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-28826 [MEDIUM] CVE-2023-28826: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-28826 Component: MediaRemote Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-41982 [MEDIUM] CVE-2023-41982: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-41982 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2023-42946 [MEDIUM] CVE-2023-42946: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42946 Component: CVE-2023-42946

CVE-2023-40405 [LOW] CVE-2023-40405: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-40405 Component: Maps Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42857 [LOW] CVE-2023-42857: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-42857 Component: Contacts Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-36191 CVE-2023-36191: macOS Sonoma 14.1 Apple Security Update: About the security content of macOS Sonoma 14.1 Product: macOS Sonoma Version: 14.1 CVE: CVE-2023-36191 Component: CVE-2023-36191 Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-38408 [CRITICAL] CVE-2023-38408: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-38408 Component: OpenSSH Impact: A vulnerability was discovered in OpenSSHs remote forwarding Description: This issue was addressed by updating OpenSSH to 9.3p2

CVE-2023-40455 [CRITICAL] CVE-2023-40455: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40455 Component: NetFSFramework Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40436 [CRITICAL] CVE-2023-40436: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40436 Component: IOAcceleratorFamily Impact: An attacker may be able to cause unexpected system termination or read kernel memory Description: The issue was addressed with improved bounds checks.

CVE-2023-40400 [CRITICAL] CVE-2023-40400: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40400 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-40414 [CRITICAL] CVE-2023-40414: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40414 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-38586 [CRITICAL] CVE-2023-38586: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-38586 Component: Image Capture Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions.

CVE-2023-42870 [HIGH] CVE-2023-42870: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-42870 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-40454 [HIGH] CVE-2023-40454: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40454 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-40393 [HIGH] CVE-2023-40393: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40393 Component: Photos Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management.