CVE-2023-41992 – Apple Multiple Products Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41992
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. El problema se solucionó con controles mejorados. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2023-41991 – Apple Multiple Products Improper Certificate Validation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41991
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Se solucionó un problema de validación de certificados. • https://github.com/Zenyith/CVE-2023-41991 https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 • CWE-295: Improper Certificate Validation •