CVE-2023-27960

CVE Database · CVE-2023-27960

CVE-2023-27960

· HIGHModified

CVSS v3.1

7.8

EPSS

0.22%

Published

May 8, 2023

Modified

Jan 29, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products (1)

apple · mac_os_x (up to 10.4.8)vulnerable

References (2)

https://support.apple.com/en-us/HT213650

Vendor Advisory

https://support.apple.com/en-us/HT213650

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs