{"api_version":"1","generated_at":"2026-04-23T04:34:25+00:00","cve":"CVE-2023-27965","urls":{"html":"https://cve.report/CVE-2023-27965","api":"https://cve.report/api/cve/CVE-2023-27965.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-27965","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-27965"},"summary":{"title":"CVE-2023-27965","description":"A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2023-05-08 20:15:00","updated_at":"2023-07-27 04:15:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT213670","name":"https://support.apple.com/en-us/HT213670","refsource":"MISC","tags":[],"title":"About the security content of macOS Ventura 13.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213672","name":"https://support.apple.com/en-us/HT213672","refsource":"MISC","tags":[],"title":"About the security content of Studio Display Firmware Update 16.4 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-27965","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27965","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"27965","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"27965","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"apple","cpe5":"studio_display","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"27965","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"studio_display_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-27965","qid":"378189","title":"Apple macOS Ventura 13.3 Not Installed (HT213670)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-27965","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"An app may be able to execute arbitrary code with kernel privileges"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"13.3"}]}},{"product_name":"Studio Display Firmware Update","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"16.4"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.apple.com/en-us/HT213670","refsource":"MISC","name":"https://support.apple.com/en-us/HT213670"},{"url":"https://support.apple.com/en-us/HT213672","refsource":"MISC","name":"https://support.apple.com/en-us/HT213672"}]}},"nvd":{"publishedDate":"2023-05-08 20:15:00","lastModifiedDate":"2023-07-27 04:15:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.3","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:studio_display_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"16.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:apple:studio_display:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}