CVE-2023-40435: Medium severity apple xcode vulnerability

Q: What is CVE-2023-40435?

CVE-2023-40435 is a vulnerability in iTMSTransporter that was addressed by enabling hardened runtime.

Q: What software is affected by CVE-2023-40435?

CVE-2023-40435 affects Apple Xcode version up to 15.

Q: How was CVE-2023-40435 addressed?

CVE-2023-40435 was addressed by enabling hardened runtime.

Q: Where can I find more information about CVE-2023-40435?

You can find more information about CVE-2023-40435 at the following link: [CVE-2023-40435](https://support.apple.com/en-us/HT213939)

Published Sep 18, 2023

Updated

iTMSTransporter. This issue was addressed by enabling hardened runtime.

Other sources

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.

Credit

James Duffy (mangoSecure)

Affected Software

2 affected componentsFixes available

Apple Xcode<15.0

Apple Xcode<15

Event History

Sep 26, 2023

CVE Published

via MITRE·08:14 PM

Data Sourced

via MITRE·08:14 PM

DescriptionWeakness

Sep 27, 2023

Data Sourced

via NVD·03:19 PM

DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

HT213939

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2023-40435?

CVE-2023-40435 is a vulnerability in iTMSTransporter that was addressed by enabling hardened runtime.

What software is affected by CVE-2023-40435?