Login Sign Up

CVE-2023-28215

7.8 HIGH
Denial of Service Buffer Overflow

📋 TL;DR

This CVE describes a buffer overflow vulnerability in macOS that allows malicious applications to cause system crashes or write to kernel memory. It affects macOS systems running versions before Ventura 13.3. The vulnerability could lead to denial of service or potential privilege escalation.

💻 Affected Systems

Products:
  • macOS
Versions: All versions before macOS Ventura 13.3
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default macOS installations before Ventura 13.3 are vulnerable. No special configuration required for exploitation.

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to system compromise, privilege escalation to kernel level, or persistent malware installation.

🟠

Likely Case

Application-induced system crashes (kernel panics) causing denial of service and potential data loss from unsaved work.

🟢

If Mitigated

Limited to denial of service if proper application sandboxing and least privilege principles are enforced.

🌐 Internet-Facing: LOW - Requires local application execution, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Malicious or compromised applications on user workstations could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local application execution. No public exploit code available at time of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Ventura 13.3

Vendor Advisory: https://support.apple.com/en-us/HT213670

Restart Required: Yes

Instructions:

1. Open System Settings 2. Click General 3. Click Software Update 4. Install macOS Ventura 13.3 or later 5. Restart when prompted

🔧 Temporary Workarounds

Application Restriction

all

Restrict installation and execution of untrusted applications using MDM or parental controls

🧯 If You Can't Patch

  • Implement strict application allowlisting to prevent execution of untrusted applications
  • Enforce least privilege principles and application sandboxing where possible

🔍 How to Verify

Check if Vulnerable:

Check macOS version: If running macOS Ventura and version is less than 13.3, system is vulnerable

Check Version:

sw_vers

Verify Fix Applied:

Verify macOS version is 13.3 or higher in System Settings > General > About

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs in /Library/Logs/DiagnosticReports
  • Unexpected application crashes with memory access errors

Network Indicators:

  • No network indicators - local exploitation only

SIEM Query:

source="macos" AND (event="kernel_panic" OR event="panic" OR message="*buffer overflow*")

📊 Metadata

CVE ID: CVE-2023-28215
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-120
Published: September 6, 2023
Last Updated: May 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-28215, you might also want to check these:

CVE-2023-24482 10.0

This CVE describes a critical buffer overflow vulnerability in COMOS software's cache validation ser...

Same vulnerability type (CWE-120)
CVE-2024-22039 10.0

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privi...

Same vulnerability type (CWE-120)
CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with netw...

Same vulnerability type (CWE-120)