vulnerability

OS X update for Model I/O (CVE-2023-32375)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:M/Au:N/C:C/I:N/A:N)	May 19, 2023	May 19, 2023	Mar 27, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:N/A:N)

Published

May 19, 2023

Added

May 19, 2023

Modified

Mar 27, 2026

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may result in disclosure of process memory.

Solutions

apple-osx-upgrade-12_6_6apple-osx-upgrade-13_4

References

CVE-2023-32375
https://attackerkb.com/topics/CVE-2023-32375
CWE-125
EUVD-EUVD-2023-36619
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-36619
https://support.apple.com/kb/HT213758
https://support.apple.com/kb/HT213759
https://support.apple.com/kb/HT213760

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report