CVE CyberSecurity Database News

CVE-2023-32442 - How a macOS Shortcut Could Have Changed Sensitive Settings – Full Exploit Walkthrough

Poster -

---

Apple is always improving macOS, but sometimes even great products have holes – and CVE-2023-32442 was one such hole. This vulnerability allowed a seemingly harmless shortcut to actually modify important (even sensitive) settings in the Shortcuts app on macOS! Here we’ll dive deep into what happened, how it worked, and how it was patched, using plain language and real code samples.

1. What’s CVE-2023-32442?

In June 2023, Apple released macOS Ventura 13.5 and macOS Monterey 12.6.8, quietly fixing a flaw tracked as CVE-2023-32442. The issue? Shortcuts – Apple’s official app for automation – allowed a specially-created shortcut to mess with its sensitive settings. That could mean an attacker, or just a clever prankster, might force the Shortcuts app to save, overwrite, or change internal preferences you never intended.

Official Advisory:  
- Apple security updates - CVE-2023-32442
- NIST CVE Record

The Root Problem

Shortcuts app lets users automate everything, from resizing photos to automating emails. Under the hood, it stores sensitive settings in locked-down files and folders. But before the patch, there was a logic flaw: shortcuts could call certain internal APIs and access those settings without proper permission checks. That meant a shortcut could, for example, enable features or toggle off security options, all behind the scenes.

3. A Sample Exploit (What Could Go Wrong?)

Here’s how an attacker could pull this off (in simplified pseudocode; do NOT use this for malicious reasons):

# Imagine this is part of a Shortcuts action using 'Run AppleScript'
do shell script "defaults write com.apple.shortcuts CriticalSetting -bool true"

Another way, using the Run Shell Script action

# Command embedded inside malicious shortcut
defaults write com.apple.shortcuts RunOnLaunch -bool false

What do these do?

The second line might turn off the ability of Shortcuts to launch at login.

This could lead to a user’s automations not working, or even make Shortcuts ignore some safety protections. A clever shortcut could even revert the fix after each reboot.

4. How the Patch Works

With macOS Ventura 13.5 and Monterey 12.6.8, Apple added *stricter access controls*:

Monterey 12.6.8+

Update by going to Apple menu > System Settings > General > Software Update.

Be suspicious of unknown or untrusted shortcuts – don’t import them unless you know they’re safe.

7. Conclusion and Resources

CVE-2023-32442 reminds us everyone needs to keep macOS up to date and be careful with automation workflows. Even a tiny shortcut could have had a big impact!

Read More

- Apple security release notes for macOS 13.5
- Apple security release notes for macOS 12.6.8
- NVD listing

If you want to learn more about Mac and iOS security flaws, keep an eye on Apple’s Security Updates.

Timeline

Published on: 07/27/2023 01:15:31 UTC
Last modified on: 08/01/2023 19:10:34 UTC