CVE-2023-42940

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

A

session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their screen may unintentionally share the incorrect content.

References

Link	Resource
http://seclists.org/fulldisclosure/2023/Dec/20	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT214048	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2023/Dec/20	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT214048	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214048

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

History

04 Nov 2025, 19:15

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214048 -

06 May 2025, 19:15

Type	Values Removed	Values Added
CWE		CWE-200

21 Nov 2024, 08:23

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2023/Dec/20 - Mailing List, Third Party Advisory~~	() http://seclists.org/fulldisclosure/2023/Dec/20 - Mailing List, Third Party Advisory
References	~~() https://support.apple.com/en-us/HT214048 - Release Notes, Vendor Advisory~~	() https://support.apple.com/en-us/HT214048 - Release Notes, Vendor Advisory

Information

Published : 2023-12-19 22:15

Updated : 2025-11-04 19:15

NVD link : CVE-2023-42940

Mitre link : CVE-2023-42940

CVE.ORG link : CVE-2023-42940

JSON object : View

Products Affected

macos

CWE

NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2023-42940", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2023-12-19T22:15:07.630", "references": [{"url": "http://seclists.org/fulldisclosure/2023/Dec/20", "tags": ["Mailing List", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/HT214048", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://seclists.org/fulldisclosure/2023/Dec/20", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214048", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/kb/HT214048", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their screen may unintentionally share the incorrect content."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de representaci\u00f3n de sesiones con un seguimiento de sesiones mejorado. Este problema se solucion\u00f3 en macOS Sonoma 14.2.1. Un usuario que comparte su pantalla puede compartir sin querer el contenido incorrecto."}], "lastModified": "2025-11-04T19:15:58.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BC4F8D9-9E7D-4F22-BF33-11A7F6E71334", "versionEndExcluding": "14.2.1", "versionStartIncluding": "14.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}