CVE-2023-42952

MEDIUM Year: 2023
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.

Related Vulnerabilities

CVE-2018-12261

MEDIUM
CVSS:4.4(Medium)

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.

CWE-2692018

CVE-2018-1368

MEDIUM
CVSS:4.4(Medium)

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so...

CWE-2692018

CVE-2021-23880

MEDIUM
CVSS:4.4(Medium)

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of th...

CWE-2692021

CVE-2021-23882

MEDIUM
CVSS:4.4(Medium)

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by pl...

CWE-2692021

CVE-2021-31581

MEDIUM
CVSS:4.4(Medium)

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which...

CWE-2692021

CVE-2022-27840

MEDIUM
CVSS:4.4(Medium)

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

CWE-2692022