CVE-2023-42913

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

T

his issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions.

References

Link	Resource
https://support.apple.com/en-us/HT214036	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214036	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214036

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

History

04 Nov 2025, 20:16

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214036 -

21 Nov 2024, 08:23

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/HT214036 - Release Notes, Vendor Advisory~~	() https://support.apple.com/en-us/HT214036 - Release Notes, Vendor Advisory

01 Aug 2024, 15:35

Type	Values Removed	Values Added
CWE		CWE-922

Information

Published : 2024-03-28 16:15

Updated : 2025-11-04 20:16

NVD link : CVE-2023-42913

Mitre link : CVE-2023-42913

CVE.ORG link : CVE-2023-42913

JSON object : View

Products Affected

macos

CWE

NVD-CWE-noinfo CWE-922

Insecure Storage of Sensitive Information

{"id": "CVE-2023-42913", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-03-28T16:15:08.023", "references": [{"url": "https://support.apple.com/en-us/HT214036", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/HT214036", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/kb/HT214036", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-922"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions."}, {"lang": "es", "value": "Esta cuesti\u00f3n se abord\u00f3 mediante una mejor gesti\u00f3n de estado. Este problema se solucion\u00f3 en macOS Sonoma 14.2. Las sesiones de inicio de sesi\u00f3n remoto pueden obtener permisos completos de acceso al disco."}], "lastModified": "2025-11-04T20:16:56.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A640ED58-0863-434D-B8B3-1FBF3B8D559D", "versionEndExcluding": "14.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}