CVE-2023-27945

Summary

This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 12.6affected
AppleXcodeunspecified < 14.3affected
ApplemacOSunspecified < 11.7affected

Weaknesses

  • A sandboxed app may be able to collect system logs

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References