CVE-2023-36862

Summary

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13.5affected

Weaknesses

  • An app may be able to determine a user’s current location

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References