CVE-2023-32546

Summary

Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent.

Affected Software

VendorProductVersion RangeStatus
Chatwork Co., Ltd.Chatwork Desktop Application (Mac)versions 2.6.43 and earlieraffected

Weaknesses

  • Code injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References