Unauthenticated User Can Remount Encrypted Volume Without Password Prompt

Unauthenticated User Can Remount Encrypted Volume Without Password Prompt

CVE-2023-23493 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.

Learn more about our Cis Benchmark Audit For Apple Macos.