We are letting you know of a security vulnerability (CVE-2023-43976) that was recently identified and impacts Cato macOS Clients v5.3.x. This CVE can let attackers who have access to the macOS Client on the device escalate their privileges. The Cato macOS Client versions 5.4.0 (and higher) include a security patch that fixes this vulnerability.
We see that there are SDP users in your account with macOS devices that used macOS Clients v5.3.x within the past 30 days and are potentially vulnerable to attacks using CVE-2023-43976. We strongly recommend that you make sure that all macOS Clients are upgraded to newest macOS Client version (v5.4.x) to protect against the vulnerability. You can download the latest macOS Client version from the Cato Client download portal.
What Changes Do I Need to Make?
Use the SDP User Dashboard to identify users that have macOS Client v5.3.x, and make sure that they upgrade to newest macOS Client version (v5.4.x) and receive the most recent security patches and enhancements.
What is the Impact to the Account?
If you don’t upgrade to macOS Client v5.4.0 or higher, devices with macOS Client v5.3.x are vulnerable to malicious attacks that use CVE-2-23-43976.
Who Do I Talk to If I Have Questions?
Please contact Support.