Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_HT213760.NASL
HistoryMay 18, 2023 - 12:00 a.m.

macOS 11.x < 11.7.7 Multiple Vulnerabilities (HT213760)

2023-05-1800:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
macos
vulnerabilities
memory handling
entitlements
privacy issue
redaction
buffer overflow
bounds checking
input validation
use-after-free
logic issue
authorization issue
cve-2023-28181
cve-2023-27945
cve-2023-32388
cve-2023-32392
cve-2023-28191
cve-2023-32411
cve-2023-32384
cve-2023-32410
cve-2023-32398
cve-2023-32412
cve-2023-32352
cve-2023-32397
cve-2023-32407
cve-2023-32403
cve-2023-32357
nessus

0.009 Low

EPSS

Percentile

83.1%

JSON

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.7. It is, therefore, affected by multiple vulnerabilities:

  • The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges (CVE-2023-28181)

  • This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs (CVE-2023-27945)

  • A privacy issue was addressed with improved private data redaction for log entries. (CVE-2023-32388, CVE-2023-32392)

  • This issue was addressed with improved redaction of sensitive information. (CVE-2023-28191)

  • This issue was addressed with improved entitlements. (CVE-2023-32411)

  • A buffer overflow was addressed with improved bounds checking. (CVE-2023-32384)

  • An out-of-bounds read was addressed with improved input validation. (CVE-2023-32410)

  • A use-after-free issue was addressed with improved memory management. (CVE-2023-32398, CVE-2023-32412)

  • A logic issue was addressed with improved checks. (CVE-2023-32352)

  • A logic issue was addressed with improved state management. (CVE-2023-32397, CVE-2023-32407)

  • This issue was addressed with improved redaction of sensitive information. (CVE-2023-32403)

  • An authorization issue was addressed with improved state management. (CVE-2023-32357)

Note that Nessus has not tested for these issues but has instead relied only on the operating system’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176084);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/07");

  script_cve_id(
    "CVE-2023-27945",
    "CVE-2023-28181",
    "CVE-2023-28191",
    "CVE-2023-32352",
    "CVE-2023-32355",
    "CVE-2023-32357",
    "CVE-2023-32360",
    "CVE-2023-32369",
    "CVE-2023-32380",
    "CVE-2023-32382",
    "CVE-2023-32384",
    "CVE-2023-32386",
    "CVE-2023-32387",
    "CVE-2023-32388",
    "CVE-2023-32392",
    "CVE-2023-32395",
    "CVE-2023-32397",
    "CVE-2023-32398",
    "CVE-2023-32403",
    "CVE-2023-32405",
    "CVE-2023-32407",
    "CVE-2023-32410",
    "CVE-2023-32411",
    "CVE-2023-32412",
    "CVE-2023-32413"
  );
  script_xref(name:"APPLE-SA", value:"HT213760");
  script_xref(name:"IAVA", value:"2023-A-0264-S");

  script_name(english:"macOS 11.x < 11.7.7 Multiple Vulnerabilities (HT213760)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS update that fixes multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.7. It is, therefore, affected by
multiple vulnerabilities:

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS
    16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel
    privileges (CVE-2023-28181)

  - This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app
    may be able to collect system logs (CVE-2023-27945)

  - A privacy issue was addressed with improved private data redaction for log entries. (CVE-2023-32388,
    CVE-2023-32392)

  - This issue was addressed with improved redaction of sensitive information. (CVE-2023-28191)

  - This issue was addressed with improved entitlements. (CVE-2023-32411)

  - A buffer overflow was addressed with improved bounds checking. (CVE-2023-32384)

  - An out-of-bounds read was addressed with improved input validation. (CVE-2023-32410)

  - A use-after-free issue was addressed with improved memory management. (CVE-2023-32398, CVE-2023-32412)

  - A logic issue was addressed with improved checks. (CVE-2023-32352)

  - A logic issue was addressed with improved state management. (CVE-2023-32397, CVE-2023-32407)

  - This issue was addressed with improved redaction of sensitive information. (CVE-2023-32403)

  - An authorization issue was addressed with improved state management. (CVE-2023-32357)

Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported
version number.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT213760");
  script_set_attribute(attribute:"solution", value:
"Upgrade to macOS 11.7.7 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-32412");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/local_checks_enabled", "Host/MacOSX/packages/boms");

  exit(0);
}

include('vcf.inc');
include('vcf_extras_apple.inc');

var app_info = vcf::apple::macos::get_app_info();

var constraints = [
  { 'fixed_version' : '11.7.7', 'min_version' : '11.0', 'fixed_display' : 'macOS Big Sur 11.7.7' }
];

vcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x
applemacoscpe:/o:apple:macos

References

Related

openvas 11
apple 8
nessus 30
nvd 25
cvelist 25
cve 25
zdi 2
prion 25
malwarebytes 1
talos 1
redhat 14
osv 7
almalinux 2
ibm 3
oraclelinux 3
amazon 2
ubuntu 2
ubuntucve 1
redhatcve 1
rocky 2
debiancve 1
centos 1
mageia 1
debian 1
mssecure 2
thn 1
mmpc 1
talosblog 1
openvas
openvas
Apple Mac OS X Security Update (HT213760)
2023-05-22 00:00:00
Apple Mac OS X Security Update (HT213759)
2023-05-22 00:00:00
Apple Mac OS X Security Update (HT213758)
2023-05-22 00:00:00
apple
apple
About the security content of macOS Big Sur 11.7.7
2023-05-18 00:00:00
About the security content of macOS Monterey 12.6.6
2023-05-18 00:00:00
About the security content of iOS 15.7.6 and iPadOS 15.7.6
2023-05-18 00:00:00
nessus
nessus
macOS 12.x < 12.6.6 Multiple Vulnerabilities (HT213759)
2023-05-18 00:00:00
macOS 13.x < 13.4 Multiple Vulnerabilities (HT213758)
2023-05-18 00:00:00
Apple iOS < 16.5 Multiple Vulnerabilities (HT213757)
2023-05-23 00:00:00
nvd
nvd
CVE-2023-32386
2023-06-23 18:15:12
CVE-2023-32388
2023-06-23 18:15:12
CVE-2023-32405
2023-06-23 18:15:13
cvelist
cvelist
CVE-2023-32369
2023-06-23 00:00:00
CVE-2023-32355
2023-06-23 00:00:00
CVE-2023-32382
2023-06-23 00:00:00
cve
cve
CVE-2023-32395
2023-06-23 18:15:12
CVE-2023-32355
2023-06-23 18:15:11
CVE-2023-32397
2023-06-23 18:15:12
zdi
zdi
(Pwn2Own) Apple macOS /dev/fd Race Condition Local Privilege Escalation Vulnerability
2023-06-08 00:00:00
Apple macOS ImageIO EXR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-08-25 00:00:00
prion
prion
Authorization
2023-06-23 18:15:00
Buffer overflow
2023-06-23 18:15:00
Authentication flaw
2023-06-23 18:15:00
malwarebytes
malwarebytes
Microsoft gives Apple a migraine
2023-05-31 23:45:00
talos
talos
Apple DCERPC association groups use-after-free vulnerability
2023-07-13 00:00:00
redhat
redhat
(RHSA-2023:4864) Important: cups security update
2023-08-29 17:44:57
(RHSA-2023:4771) Important: cups security update
2023-08-28 12:46:23
(RHSA-2023:4769) Important: cups security update
2023-08-28 12:43:57
osv
osv
Important: cups security update
2023-08-31 16:55:50
Important: cups security update
2023-08-29 00:00:00
Important: cups security update
2023-08-29 00:00:00
almalinux
almalinux
Important: cups security update
2023-08-29 00:00:00
Important: cups security update
2023-08-29 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information disclosure in Apple macOS Big Sur [CVE-2023-32360]
2023-11-30 18:55:21
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2024-01-12 19:00:36
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-02-14 19:15:02
oraclelinux
oraclelinux
cups security update
2023-08-30 00:00:00
cups security update
2023-08-29 00:00:00
cups security update
2023-08-29 00:00:00
amazon
amazon
Medium: cups
2023-08-31 22:28:00
Medium: cups
2023-09-13 23:15:00
ubuntu
ubuntu
CUPS vulnerability
2023-09-26 00:00:00
CUPS vulnerability
2023-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2023-32360
2023-06-23 00:00:00
redhatcve
redhatcve
CVE-2023-32360
2023-08-16 16:49:03
rocky
rocky
cups security update
2023-08-31 16:55:50
cups security update
2023-08-31 16:55:08
debiancve
debiancve
CVE-2023-32360
2023-06-23 18:15:11
centos
centos
cups security update
2024-01-12 19:25:19
mageia
mageia
Updated cups packages fix security vulnerabilities
2023-10-10 20:21:41
debian
debian
[SECURITY] [DLA 3594-1] cups security update
2023-09-30 16:54:52
mssecure
mssecure
New macOS vulnerability, Migraine, could bypass System Integrity Protection
2023-05-30 16:00:00
Uncursing the ncurses: Memory corruption vulnerabilities found in library
2023-09-14 11:30:00
thn
thn
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
2023-05-31 11:57:00
mmpc
mmpc
Uncursing the ncurses: Memory corruption vulnerabilities found in library
2023-09-14 11:30:00
talosblog
talosblog
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation
2023-07-13 16:00:21

0.009 Low

EPSS

Percentile

83.1%

JSON
Related for MACOS_HT213760.NASL
openvas11apple8nessus30nvd25cvelist25cve25zdi2prion25malwarebytes1talos1redhat14osv7almalinux2ibm3oraclelinux3amazon2ubuntu2ubuntucve1redhatcve1rocky2debiancve1centos1mageia1debian1mssecure2thn1mmpc1talosblog1