Lucene search
AppleCVE-2023-23539HistoryJun 23, 2023 - 6:15 p.m.
CVE-2023-23539
2023-06-2318:15:10
CWE-120
apple
web.nvd.nist.gov
26
cve-2023-23539
buffer overflow
memory handling
macos ventura 13.2
samba network share
arbitrary code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
27.0%
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.
Affected configurations
Node
applemacosRange13.0–13.2
CNA Affected
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "13.2",
"versionType": "custom"
}
]
}
]References
Related
nvd
nvd
CVE-2023-23539
2023-06-23 18:15:10
prion
prion
Buffer overflow
2023-06-23 18:15:00
cvelist
cvelist
CVE-2023-23539
2023-06-23 00:00:00
talos
talos
Apple DCERPC presentation result list out of bounds memory access
2023-07-13 00:00:00
talosblog
talosblog
openvas
openvas
Apple Mac OS X Security Update (HT213605)
2023-01-25 00:00:00
apple
apple
About the security content of macOS Ventura 13.2
2023-01-23 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
27.0%
Related for CVE-2023-23539