CVE-2023-27965

CVE Database · CVE-2023-27965

CVE-2023-27965

· HIGHModified

CVSS v3.1

7.8

EPSS

0.26%

Published

May 8, 2023

Modified

Jan 29, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787CWE-787

Affected Products (3)

apple · macos (up to 13.3)vulnerable

apple · studio_display_firmware (up to 16.4)vulnerable

apple · studio_display

References (4)

https://support.apple.com/en-us/HT213670

Vendor Advisory

https://support.apple.com/en-us/HT213672

Vendor Advisory

https://support.apple.com/en-us/HT213670

Vendor Advisory

https://support.apple.com/en-us/HT213672

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs