CVE-2023-32401

Vulnerability

A buffer overflow vulnerability exists in the parsing of office documents across all supported macOS versions prior to macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7. The flaw occurs due to insufficient bounds checking when processing crafted office documents. An attacker can exploit this by providing a malicious document to a user on an affected system. [1]

Exploitation

An attacker requires the ability to deliver a specially crafted office document to the target user. The user must open the malicious document in an application that parses office file formats, such as TextEdit, Preview, or any other macOS component that handles office documents. No additional authentication or network position is required beyond the delivery of the document. [1]

Impact

Successful exploitation of this buffer overflow can lead to an unexpected app termination or arbitrary code execution. An attacker who achieves code execution could gain the privileges of the user running the vulnerable application, potentially allowing further compromise of the system. The impact is primarily on availability (app termination) and integrity/confidentiality (arbitrary code execution). [1]

Mitigation

Apple addressed this issue by improving bounds checking in the following software updates: macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7, all released on May 18, 2023. Users should update to the latest available version of macOS to obtain the fix. No workarounds are provided for unpatched systems. [1]