CVE-2023-40307 MEDIUM

CVE-2023-40307: Privileges Memory Corruption (Out-of-bound write)

Weakness CWE-787

Published September 28, 2023

Last update September 23, 2024

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data.

Key dates

02Disclosure timeline

September 28, 2023 CVE published

September 23, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-40307 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

CVE-2023-40307: Privileges Memory Corruption (Out-of-bound write)

01Description

02Disclosure timeline

03References

04Related CVE