Vulnerabilities > CVE-2023-42891 - Unspecified vulnerability in Apple Macos
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to monitor keystrokes without user permission.
Vulnerable Configurations
References
- http://seclists.org/fulldisclosure/2023/Dec/10
- http://seclists.org/fulldisclosure/2023/Dec/10
- http://seclists.org/fulldisclosure/2023/Dec/11
- http://seclists.org/fulldisclosure/2023/Dec/11
- http://seclists.org/fulldisclosure/2023/Dec/9
- http://seclists.org/fulldisclosure/2023/Dec/9
- https://support.apple.com/en-us/HT214036
- https://support.apple.com/en-us/HT214036
- https://support.apple.com/en-us/HT214037
- https://support.apple.com/en-us/HT214037
- https://support.apple.com/en-us/HT214038
- https://support.apple.com/en-us/HT214038