AI description
CVE-2023-42829 allows an attacker to potentially access sensitive user data. This vulnerability was addressed with improved state management. The fix is included in updates for multiple operating systems, including tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1, and iPadOS 17.1. This information is current as of February 27, 2025. New information may be available later.
- Description
- The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases.
- Source
- product-security@apple.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2023-42829 (macOS SW vuln.)! 🐞 'An app may be able to access SSH passphrases' - write-up inc. discovery, vuln analysis and pulling apart Apple's somewhat interesting patch (there's now *two* SSH client binaries on your mac!)👀 @ https://t.co/QuyckEk9Ga
@minacris_
9 May 2025
262 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-42829 (my first macOS SW vuln.)! 🐞 'An app may be able to access SSH passphrases' - write-up inc. discovery, vuln analysis and pulling apart Apple's somewhat interesting patch (there's now *two* SSH client binaries on your mac!)👀 @ https://t.co/QuyckEk9Ga
@minacris_
9 May 2025
19 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Finally!💥Just dropped a write-up for CVE-2023-42829 (my first macOS SW vuln.)! 🐞 'An app may be able to access SSH passphrases' - write-up inc. discovery, vuln analysis and pulling apart Apple's somewhat interesting patch (there's now *two* SSH client binaries on your mac!)👀 @
@j_duffy01
26 Feb 2025
7794 Impressions
17 Retweets
101 Likes
33 Bookmarks
3 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475",
"versionEndExcluding": "11.7.9",
"versionStartIncluding": "11.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE",
"versionEndExcluding": "12.6.8",
"versionStartIncluding": "12.0.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627",
"versionEndExcluding": "13.5",
"versionStartIncluding": "13.0"
}
],
"operator": "OR"
}
]
}
]