CVE-2023-40307 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2023-40307

CVE-2023-40307

September 28, 2023

An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data.

Related Resources (1)

https://github.com/SAP/macOS-enterprise-privileges/security/advisories/GHSA-rgq4-wxpj-5jv9

Do you need more information?

CVSS v4

Base Score:

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

LOW

Subsequent System Confidentiality

LOW

Subsequent System Integrity

LOW

Subsequent System Availability

LOW

CVSS v3

Base Score:

6.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

EPSS

Base Score:

0.08

Products

Solutions

Resources

Company

Compare

Developer Tools