Threat Advisories - NVD Disclosed March 5, 2024

CVE-2024-23296

Apple Device Memory Corruption Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory corruption flaw in Apple operating systems allows an attacker with local access to bypass kernel memory protections. This could impact data integrity and system security for affected organizations. Apple has released updates to address this issue, and there are reports of it being exploited.

NVD published: March 5, 2024 • CISA KEV

CVE advisoryKnown Exploit

CVE-2024-23225

Apple Devices Kernel Memory Risk

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Certain Apple operating systems have a memory corruption vulnerability that could allow an attacker to bypass kernel protections. This presents a business risk of data compromise. Apple has released updates to address this issue.

NVD published: March 5, 2024 • CISA KEV

CVE advisoryCRITICAL

CVE-2023-7103

ZKSoftware UFace 5 could allow an external attacker to bypass login controls.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An external attacker could bypass login controls on ZKSoftware Biometric Security Solutions UFace 5. This could allow them to enroll or modify users, potentially gaining administrative control of the system and unauthorized access to sensitive areas or data.

NVD published: March 5, 2024