CVE-2023-42838: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges in Apple macOS
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVE-2023-42838: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges in Apple macOS
Description
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2023-09-14T19:05:11.449Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690a554ba730e5a3d9d779fc
Added to database: 11/4/2025, 7:34:35 PM
Last updated: 11/4/2025, 7:35:34 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2023-5981: Observable Discrepancy in Red Hat Red Hat Enterprise Linux 8
MediumCVE-2023-5380: Use After Free in Red Hat Red Hat Enterprise Linux 7
MediumCVE-2023-5367: Out-of-bounds Write in Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
HighCVE-2023-5349: Missing Release of Memory after Effective Lifetime in rmagick
MediumCVE-2023-4693: Out-of-bounds Read in Red Hat Red Hat Enterprise Linux 8
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.