CVE-2023-42840: Medium severity apple macos vulnerability
Published Oct 25, 2023
·Updated
PackageKit. The issue was addressed with improved checks.
Other sources
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.
— MITRE
Credit
Mickey Jin@@patch1t(Offensive Security), (Offensive Security), Csaba Fitzl@@theevilbit(Offensive Security), Mickey Jin@@patch1t(Offensive Security), (Offensive Security), Csaba Fitzl@@theevilbit(Offensive Security), Mickey Jin@@patch1t(Offensive Security), (Offensive Security), Csaba Fitzl@@theevilbit(Offensive Security)
Affected Software
6 affected componentsFixes available
Apple macOS<14.1
14.1
macOS<12.7.1
12.7.1
macOS Ventura<13.6.1
13.6.1
macOS>=12.0<12.7.1
macOS>=13.0<13.6.1
macOS=14.0
Event History
Feb 21, 2024
CVE Published
via MITRE·06:41 AM
Data Sourced
via MITRE·06:41 AM
DescriptionWeakness
Data Sourced
via NVD·07:15 AM
DescriptionSeverityWeaknessAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2023-30774
- CVE-2023-40444
- CVE-2023-42952
- CVE-2023-42945
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42823
- CVE-2023-41989
- CVE-2023-42854
- CVE-2023-40413
- CVE-2023-42834
- CVE-2023-42844
- CVE-2023-42953
- CVE-2023-40416
- CVE-2023-42848
- CVE-2023-40423
- CVE-2023-38403
- CVE-2023-42849
- CVE-2023-42850
- CVE-2023-40446
- CVE-2023-42942
- CVE-2023-42861
- CVE-2023-42935
- CVE-2023-40408
- CVE-2023-40405
- CVE-2023-28826
- CVE-2023-42856
- CVE-2023-40404
- CVE-2023-42859
- CVE-2023-42877
- CVE-2023-42840
- CVE-2023-42853
- CVE-2023-42860
- CVE-2023-42889
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42873
- CVE-2023-42838
- CVE-2023-42835
- CVE-2023-41977
- CVE-2023-42438
- CVE-2023-42836
- CVE-2023-42839
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-42946
- CVE-2023-36191
- CVE-2023-40421
- CVE-2023-42842
- CVE-2023-4733
- CVE-2023-4734
- CVE-2023-4735
- CVE-2023-4736
- CVE-2023-4738
- CVE-2023-4750
- CVE-2023-4751
- CVE-2023-4752
- CVE-2023-4781
- CVE-2023-41254
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-42843
- CVE-2023-41983
- CVE-2023-41975
- CVE-2023-42858
- CVE-2023-40425
- CVE-2023-41077
- CVE-2023-40401
Frequently Asked Questions
1
What is the severity of CVE-2023-42840?
CVE-2023-42840 has a medium severity rating, indicating potential risks to user-sensitive data.
2
How do I fix CVE-2023-42840?
To fix CVE-2023-42840, upgrade to macOS Sonoma 14.1, macOS Monterey 12.7.1, or macOS Ventura 13.6.1.
3
Which versions of macOS are affected by CVE-2023-42840?
CVE-2023-42840 affects macOS versions from 12.0 up to 12.7.1 and from 13.0 up to 13.6.1.
4
What type of data can be compromised due to CVE-2023-42840?
CVE-2023-42840 may allow apps to access user-sensitive data.
5
When was CVE-2023-42840 disclosed?
CVE-2023-42840 was disclosed as part of Apple's security updates for macOS.