CVE-2023-28207

Summary

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A plug-in may be able to inherit app permissions and access user data.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13.3affected
ApplemacOSunspecified < 12.6affected
ApplemacOSunspecified < 11.7affected

Weaknesses

  • A plug-in may be able to inherit app permissions and access user data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References