{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-42832","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2023-09-14T19:05:11.448Z","datePublished":"2024-01-10T22:03:44.211Z","dateUpdated":"2025-06-20T15:50:09.508Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to gain root privileges"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"13.5","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"11.7","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"12.6","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to gain root privileges."}],"references":[{"url":"https://support.apple.com/en-us/HT213843"},{"url":"https://support.apple.com/en-us/HT213845"},{"url":"https://support.apple.com/en-us/HT213844"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2024-01-10T22:03:44.211Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T19:30:24.779Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213843","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213845","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213844","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-362","lang":"en","description":"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"HIGH","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-01-18T01:19:20.770737Z","id":"CVE-2023-42832","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-20T15:50:09.508Z"}}]}}