QID 376205

QID 376205: Apple Xcode Prior to 13.2.1 Log4j Vulnerability

Apple Xcode is an integrated development environment (IDE) for macOS containing a suite of software development tools developed by Apple.

Affected Versions:
Apple Xcode all versions prior to 13
Note: Prior to 13.2.1 is only available for: macOS Monterey 12.1 and later

QID Detection Logic (Authenticated): This checks for vulnerable versions of Apple Xcode under the Apple System Information.

Successful exploitation of this vulnerability could lead to remote code execution (RCE) on the target.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Xcode 13.2.1 and later

    Download XCode from here
    For more information please refer to xcode-13_2_1

    CVEs related to QID 376205

    Software Advisories
    Advisory ID Software Component Link
    xcode-13_2_1-release-notes URL Logo developer.apple.com/documentation/xcode-release-notes/xcode-13_2_1-release-notes