Apple Macos Sonoma vulnerabilities

CVE-2023-40406 [MEDIUM] CVE-2023-40406: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40406 Component: ColorSync Impact: An app may be able to read arbitrary files Description: The issue was addressed with improved checks.

CVE-2023-41980 [MEDIUM] CVE-2023-41980: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41980 Component: FileProvider Impact: An app may be able to bypass Privacy preferences Description: A permissions issue was addressed with additional restrictions.

CVE-2023-32361 [MEDIUM] CVE-2023-32361: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-32361 Component: AuthKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved handling of caches.

CVE-2023-41981 [MEDIUM] CVE-2023-41981: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41981 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: The issue was addressed with improved memory handling.

CVE-2023-35984 [MEDIUM] CVE-2023-35984: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-35984 Component: Bluetooth Impact: An attacker in physical proximity can cause a limited out of bounds write Description: The issue was addressed with improved checks.

CVE-2023-42982 [MEDIUM] CVE-2023-42982: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-42982 Component: Model I/O Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved checks.

CVE-2023-38607 [MEDIUM] CVE-2023-38607: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-38607 Component: Printing Impact: An app may be able to modify Printer settings Description: The issue was addressed with improved handling of caches.

CVE-2023-41996 [MEDIUM] CVE-2023-41996: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41996 Component: Sandbox Impact: Apps that fail verification checks may still launch Description: The issue was addressed with improved checks.

CVE-2023-42981 [MEDIUM] CVE-2023-42981: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-42981 Component: Model I/O Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved checks.

CVE-2023-40411 [MEDIUM] CVE-2023-40411: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40411 Component: FileProvider Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved data protection.

CVE-2023-40541 [MEDIUM] CVE-2023-40541: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40541 Component: Shortcuts Impact: A shortcut may output sensitive user data without consent Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2023-41070 [MEDIUM] CVE-2023-41070: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41070 Component: Share Sheet Impact: An app may be able to access sensitive data logged when a user shares a link Description: A logic issue was addressed with improved checks.

CVE-2023-41066 [MEDIUM] CVE-2023-41066: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41066 Component: Windows Server Impact: An app may be able to unexpectedly leak a user's credentials from secure text fields Description: An authentication issue was addressed with improved state management.

CVE-2023-40528 [MEDIUM] CVE-2023-40528: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40528 Component: Core Data Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2023-40424 [MEDIUM] CVE-2023-40424: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40424 Component: TCC Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-40403 [MEDIUM] CVE-2023-40403: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40403 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-41979 [MEDIUM] CVE-2023-41979: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41979 Component: XProtectFramework Impact: An app may be able to modify protected parts of the file system Description: A race condition was addressed with improved locking.

CVE-2023-41079 [MEDIUM] CVE-2023-41079: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41079 Component: Shortcuts Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved permissions logic.

CVE-2023-40441 [MEDIUM] CVE-2023-40441: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-40441 Component: GPU Drivers Impact: Processing web content may lead to a denial-of-service Description: A resource exhaustion issue was addressed with improved input validation.

CVE-2023-41073 [MEDIUM] CVE-2023-41073: macOS Sonoma 14 Apple Security Update: About the security content of macOS Sonoma 14 Product: macOS Sonoma Version: 14 CVE: CVE-2023-41073 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.