Apple releases important security updates for macOS Monterey and Big Sur

Apple Neural Engine

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to execute arbitrary code with kernel privileges
• Description: The issue was addressed through improved memory management.
• CVE-2023-23540: Mohamed GHANNAM (@_simo36)

AppleMobileFileIntegrity

• Available for: macOS Monterey/macOS Big Sur
• Impact: A user can access protected parts of the file system
• Description: The issue has been resolved through improved checks.
• CVE-2023-23527: Mickey Jin (@patch1t)

Archive Utility

• Available for: macOS Monterey/macOS Big Sur
• Impact: An archive may be able to bypass Gatekeeper
• Description: The issue has been resolved through improved checks.
• CVE-2023-27951: Brandon Dalton of Red Canary and Csaba Fitzl (@theevilbit) of Offensive Security

Calendar

• Available for: macOS Monterey/macOS Big Sur
• Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
• Description: Several validation issues have been resolved with better input sanitization.
• CVE-2023-27961: Riza Sabuncu (@rizasabuncu)

ColorSync

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to read arbitrary files
• Description: The issue has been resolved through improved checks.
• CVE-2023-27955: JeongOhKye

communication center

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to cause an unexpected system abort or write to kernel memory
• Description: An out-of-bounds write issue has been resolved with better input validation.
• CVE-2023-27936: Tingting Yin of Tsinghua University

daughter

• Available for: macOS Monterey/macOS Big Sur
• Impact: A remote user may be able to cause an application to exit unexpectedly or the execution of arbitrary code
• Description: The issue was addressed through improved boundary checks.
• CVE-2023-27935: Aleksandar Nikolic of Cisco Talos

daughter

• Available for: macOS Monterey/macOS Big Sur
• Impact: A remote user may be able to cause an unexpected system shutdown or corrupt kernel memory
• Description: The issue was addressed through improved memory management.
• CVE-2023-27953: Aleksandar Nikolic of Cisco Talos
• CVE-2023-27958: Aleksandar Nikolic of Cisco Talos

Foundation

• Available for: macOS Monterey/macOS Big Sur
• Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution
• Description: An integer overflow was addressed through improved input validation.
• CVE-2023-27937: an anonymous researcher

ImageIO

• Available for: macOS Monterey/macOS Big Sur
• Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
• Description: An out-of-bounds read has been resolved with improved bounds checking.
• CVE-2023-27946: Mickey Jin (@patch1t)

Core

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to execute arbitrary code with kernel privileges
• Description: A post-free usage issue has been addressed with better memory management.
• CVE-2023-23514: Xinru Chi from Pangu Lab and Ned Williamson from Google Project Zero

Core

• Available for: macOS Monterey
• Impact: An application with root privileges may be able to execute arbitrary code with kernel privileges
• Description: The issue was addressed through improved memory management.
• CVE-2023-27933: sqrtpwn

Core

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to leak kernel memory
• Description: A validation issue has been fixed with better input sanitization.
• CVE-2023-28200: Arsenii Kostromin (0x3c3e)

I/O model

• Available for: macOS Monterey
• Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
• Description: An out-of-bounds read has been resolved with better input validation.
• CVE-2023-27949: Mickey Jin (@patch1t)

NetworkExtension

• Available for: macOS Monterey/macOS Big Sur
• Impact: A user in a privileged position on the network may be able to spoof a VPN server configured with EAP-only authentication on a device
• Description: The issue was addressed with better authentication.
• CVE-2023-28182: Zhuowei Zhang

PackageKit

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to modify protected parts of the file system
• Description: A logic issue has been resolved with improved checks.
• CVE-2023-23538: Mickey Jin (@patch1t)
• CVE-2023-27962: Mickey Jin (@patch1t)

Podcasts

• Available for: macOS Monterey
• Impact: An application may be able to access sensitive user data
• Description: The issue has been resolved through improved checks.
• CVE-2023-27942: Mickey Jin (@patch1t)

Sandbox

• Available for: macOS Monterey
• Impact: An application may be able to modify protected parts of the file system
• Description: A logic issue has been resolved with improved checks.
• CVE-2023-23533: Mickey Jin (@patch1t), Koh M. Nakagawa of FFRI Security, Inc. and Csaba Fitzl (@theevilbit) of Offensive Security

Sandbox

• Available for: macOS Monterey
• Impact: An app may be able to bypass privacy preferences
• Description: A logic issue has been resolved with improved validation.
• CVE-2023-28178: Yigit Can YILMAZ (@yilmazcanyigit)

Shortcuts

• Available for: macOS Monterey
• Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
• Description: The issue was addressed with additional permission checks.
• CVE-2023-27963: Jubaer Alnazi Jabin of TRS Group of Companies and Wenchao Li and Xiaolong Bai of Alibaba Group

System Parameters

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to access sensitive user data
• Description: A privacy issue has been addressed with better private data removal for journal entries.
• CVE-2023-23542: an anonymous researcher

System Parameters

• Available for: macOS Monterey/macOS Big Sur
• Impact: An app may be able to read sensitive location information
• Description: A permissions issue has been resolved with improved validation.
• CVE-2023-28192: Guilherme Rambo from Best Buddy Apps (rambo.codes)

Vigor

• Available for: macOS Monterey/macOS Big Sur
• Impact: Multiple issues in Vim
• Description: Several issues have been fixed by updating to Vim version 9.0.1191.
• CVE-2023-0433
• CVE-2023-0512

XPC

• Available for: macOS Monterey/macOS Big Sur
• Impact: An application may be able to break out of its sandbox
• Description: This problem has been solved by a new right.
• CVE-2023-27944: Mickey Jin (@patch1t)

AppleAVD

• Available for: macOS Big Sur
• Impact: An application may be able to execute arbitrary code with kernel privileges
• Description: A post-free usage issue has been addressed with better memory management.
• CVE-2022-26702: an anonymous researcher, Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)

carbon core

• Available for: macOS Big Sur
• Impact: Processing a maliciously crafted image may lead to disclosure of process memory
• Description: The issue has been resolved through improved checks.
• CVE-2023-23534: Mickey Jin (@patch1t)

find my

• Available for: macOS Big Sur
• Impact: An app may be able to read sensitive location information
• Description: A privacy issue has been addressed with better private data removal for journal entries.
• CVE-2023-23537: an anonymous researcher

Identity services

• Available for: macOS Big Sur
• Impact: An application may be able to access a user’s contact information
• Description: A privacy issue has been addressed with better private data removal for journal entries.
• CVE-2023-27928: Csaba Fitzl (@theevilbit) of offensive security

ImageIO

• Available for: macOS Big Sur
• Impact: Processing a maliciously crafted image may lead to disclosure of process memory
• Description: The issue was addressed through improved memory management.
• CVE-2023-23535: ryuzaki