Multiple vulnerabilities in Apple macOS Monterey



Published: 2022-03-14 | Updated: 2022-09-09
Risk High
Patch available YES
Number of vulnerabilities 67
CVE-ID CVE-2021-4192
CVE-2022-22609
CVE-2022-22650
CVE-2022-22600
CVE-2022-22599
CVE-2022-22651
CVE-2022-22639
CVE-2022-22660
CVE-2022-22621
CVE-2021-4136
CVE-2021-4166
CVE-2021-4173
CVE-2021-4187
CVE-2021-4193
CVE-2022-22644
CVE-2021-46059
CVE-2022-0128
CVE-2022-0156
CVE-2022-0158
CVE-2021-30918
CVE-2022-22662
CVE-2022-22610
CVE-2022-22624
CVE-2022-22628
CVE-2022-22629
CVE-2022-22637
CVE-2022-22668
CVE-2022-22582
CVE-2022-22617
CVE-2022-22664
CVE-2022-22633
CVE-2022-22623
CVE-2022-22669
CVE-2022-22665
CVE-2022-22631
CVE-2022-22625
CVE-2022-22648
CVE-2022-22626
CVE-2022-22627
CVE-2022-22597
CVE-2022-22616
CVE-2021-22946
CVE-2021-22947
CVE-2021-22945
CVE-2022-22643
CVE-2022-22657
CVE-2022-22611
CVE-2022-22612
CVE-2022-22661
CVE-2022-22641
CVE-2022-22613
CVE-2022-22614
CVE-2022-22615
CVE-2022-22632
CVE-2022-22638
CVE-2022-22640
CVE-2021-36976
CVE-2022-22647
CVE-2022-22656
CVE-2022-26688
CVE-2022-26690
CVE-2022-22672
CVE-2021-30977
CVE-2022-21658
CVE-2022-22663
CVE-2022-26691
CVE-2022-22630
CWE-ID CWE-416
CWE-284
CWE-264
CWE-787
CWE-371
CWE-357
CWE-200
CWE-122
CWE-125
CWE-415
CWE-476
CWE-119
CWE-346
CWE-61
CWE-20
CWE-319
CWE-345
CWE-843
CWE-287
CWE-362
CWE-285
Exploitation vector Network
Public exploit Public exploit code for vulnerability #4 is available.
Vulnerability #7 is being exploited in the wild.
Public exploit code for vulnerability #25 is available.
Public exploit code for vulnerability #28 is available.
Public exploit code for vulnerability #64 is available.
Vulnerable software
Subscribe
macOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 67 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU60790

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-4192

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Improper access control

EUVDB-ID: #VU61324

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22609

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in Preferences feature. A malicious application can read other applications' settings.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper access control

EUVDB-ID: #VU61325

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22650

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in QuickTime Player. A malicious plug-in can inherit the application's permissions and access user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Security restrictions bypass

EUVDB-ID: #VU61326

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22600

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to incorrect permissions logic in Sandbox. A malicious application can bypass certain Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Security restrictions bypass

EUVDB-ID: #VU61327

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22599

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an error in Siri. An attacker with physical access to device can use Siri to obtain some location information from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Out-of-bounds write

EUVDB-ID: #VU61328

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22651

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in SMB daemon. A remote attacker can send specially crafted packets to the system, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) State Issues

EUVDB-ID: #VU61329

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22639

CWE-ID: CWE-371 - State Issues

Exploit availability: Yes

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a state management issue within the SoftwareUpdate subsystem. A malicious application can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU61330

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22660

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a local application to perform spoofing attack.

The vulnerability exists due to an error in the System Preferences feature. A local application can spoof system notifications and UI.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Information disclosure

EUVDB-ID: #VU61331

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22621

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to sensitive information disclosure via keyboard suggestions. An attacker with physical access to the system can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Heap-based buffer overflow

EUVDB-ID: #VU60794

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-4136

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Out-of-bounds read

EUVDB-ID: #VU60793

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4166

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Double Free

EUVDB-ID: #VU60792

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-4173

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Double Free

EUVDB-ID: #VU60791

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-4187

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Out-of-bounds read

EUVDB-ID: #VU60789

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4193

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Improper access control

EUVDB-ID: #VU61322

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22644

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a malicious application to gain access to sensitive information.

The vulnerability exists due to improper access restrictions within the NSSpellChecker feature when handling Contact cards. A malicious application can access information about a user's contacts.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) NULL pointer dereference

EUVDB-ID: #VU61332

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-46059

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the vim_regexec_multi() function in regexp.c in Vim. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Out-of-bounds read

EUVDB-ID: #VU60788

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0128

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Use-after-free

EUVDB-ID: #VU60766

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-0156

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing lines inside files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Heap-based buffer overflow

EUVDB-ID: #VU60767

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-0158

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing lines that start with the "$" character. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) State Issues

EUVDB-ID: #VU57746

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-30918

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in the Status Bar component. A local attacker can view restricted content from the lockscreen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Information disclosure

EUVDB-ID: #VU61333

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22662

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a cookie management issue in WebKit. A remote attacker can trick the victim to open a specially crafted webpage and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Buffer overflow

EUVDB-ID: #VU61334

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22610

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Use-after-free

EUVDB-ID: #VU61335

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22624

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Use-after-free

EUVDB-ID: #VU61336

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22628

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Heap-based buffer overflow

EUVDB-ID: #VU61337

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22629

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content within the WebGLMultiDraw component. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Origin validation error

EUVDB-ID: #VU61338

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22637

CWE-ID: CWE-346 - Origin Validation Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a logic error in WebKit. A remote attacker can trick the victim to visit a specially crafted website and cause unexpected cross-origin behavior.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Information disclosure

EUVDB-ID: #VU61339

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22668

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to logic issue within the Wi-Fi component. A malicious application can leak sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) UNIX symbolic link following

EUVDB-ID: #VU61340

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22582

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue in xar. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

Successful exploitation of this vulnerability may result in privilege escalation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Security restrictions bypass

EUVDB-ID: #VU61323

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22617

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to a logic error in PackageKit. A malicious application can bypass implemented security restrictions and escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) Out-of-bounds read

EUVDB-ID: #VU61321

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22664

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition when processing files in GarageBand MIDI. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

31) Buffer overflow

EUVDB-ID: #VU61296

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22633

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files within Accelerate Framework. A remote attacker can create a specially crafted PDF, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

32) Input validation error

EUVDB-ID: #VU61306

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22623

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to unspecified vulnerability in curl. A remote attacker can bypass implemented security restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

33) Use-after-free

EUVDB-ID: #VU61297

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22669

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in macOS kernel AMD support. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

34) Security restrictions bypass

EUVDB-ID: #VU61298

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22665

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a logic error in AppKit. A malicious application can execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

35) Out-of-bounds write

EUVDB-ID: #VU61299

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22631

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the AppleGraphicsControl subsystem. A malicious application can trigger an out-of-bounds write and execute arbitrary code with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

36) Out-of-bounds read

EUVDB-ID: #VU61300

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22625

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in AppleScript. A remote attacker can trick the victim to run a specially crafted SCPT file, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

37) Out-of-bounds read

EUVDB-ID: #VU61303

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22648

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in AppleScript. A remote attacker can trick the victim to run a specially crafted SCPT file, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

38) Out-of-bounds read

EUVDB-ID: #VU61301

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22626

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in AppleScript. A remote attacker can trick the victim to run a specially crafted SCPT file, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

39) Out-of-bounds read

EUVDB-ID: #VU61302

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22627

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in AppleScript. A remote attacker can trick the victim to run a specially crafted SCPT file, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

40) Buffer overflow

EUVDB-ID: #VU61304

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22597

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing SCPT files. A malicious application can trigger buffer overflow and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

41) Input validation error

EUVDB-ID: #VU61305

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22616

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in BOM when processing ZIP files. A remote attacker can trick the victim to open a specially crafted ZIP archive, bypass Gatekeeper checks and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

42) Cleartext transmission of sensitive information

EUVDB-ID: #VU56613

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22946

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error, related to incorrect enforcement of the --ssl-reqd option on the command line or CURLOPT_USE_SSL setting set to CURLUSESSL_CONTROL or CURLUSESSL_ALL with libcurl. A remote attacker with control over the IMAP, POP3 or FTP server can send a specially crafted but perfectly legitimate response to the libcurl client and force it silently to continue its operations without TLS encryption and transmit data in clear text over the network.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

43) Insufficient verification of data authenticity

EUVDB-ID: #VU56615

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22947

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists in the way libcurl handles the STARTTLS negotiation process. When curl connects to an IMAP, POP3, SMTP or FTP server to exchange data securely using STARTTLS to upgrade the connection to TLS level, the server can still respond and send back multiple responses before the TLS upgrade. Such multiple "pipelined" responses are cached by curl. curl would then upgrade to TLS but not flush the in-queue of cached responses and instead use and trust the responses it got before the TLS handshake as if they were authenticated.

Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.

Over POP3 and IMAP an attacker can inject fake response data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

44) Double Free

EUVDB-ID: #VU56610

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-22945

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when sending data to an MQTT server. A remote attacker with ability to control libcurl input can trigger a double free error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

45) Security restrictions bypass

EUVDB-ID: #VU61307

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22643

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists in FaceTime due to the ability to send audio and video files without knowledge of the user. An attacker with physical access to the system can share sensitive information via FaceTime.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

46) Buffer overflow

EUVDB-ID: #VU61320

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22657

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing files in GarageBand MIDI. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

47) Out-of-bounds read

EUVDB-ID: #VU61308

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22611

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

48) Heap-based buffer overflow

EUVDB-ID: #VU61309

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22612

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing files in ImageIO. A remote attacker can trick the victim to open a specially crafted file, trigger a heap corruption and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

49) Type Confusion

EUVDB-ID: #VU61310

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22661

CWE-ID: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Exploit availability: No

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to a type confusion error in Intel Graphics Driver subsystem. A local application can trigger a type confusion error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

50) Use-after-free

EUVDB-ID: #VU61311

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22641

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a malicious application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in IOGPUFamily component. A malicious application can trigger a use-after-free error and execute arbitrary code on the system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

51) Out-of-bounds write

EUVDB-ID: #VU61312

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22613

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in macOS kernel. A malicious application can trigger an out-of-bounds write error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

52) Use-after-free

EUVDB-ID: #VU61313

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22614

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in macOS kernel. A malicious application can trigger a use-after-free error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

53) Use-after-free

EUVDB-ID: #VU61314

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22615

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in macOS kernel. A malicious application can trigger a use-after-free error and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

54) Security restrictions bypass

EUVDB-ID: #VU61315

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22632

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper state management in macOS kernel. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

55) NULL pointer dereference

EUVDB-ID: #VU61316

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22638

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in macOS kernel. A local user can run a specially crafted program and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

56) Buffer overflow

EUVDB-ID: #VU61317

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22640

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in macOS kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

57) Use-after-free

EUVDB-ID: #VU59459

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-36976

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in copy_string. A remote attacker can cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

58) Improper Authentication

EUVDB-ID: #VU61319

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22647

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to bypass Login Window authentication.

The vulnerability exists due to an error in the Login Window feature. An attacker with physical access to the system can bypass the login window and gain unauthorized access to the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

59) Improper Authentication

EUVDB-ID: #VU61318

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22656

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to bypass login window dialog.

The vulnerability exists due to an error in the Login Window feature. An attacker with physical access to the system can bypass authentication process and view the previous logged in user’s desktop from the fast user switching screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

60) UNIX symbolic link following

EUVDB-ID: #VU64809

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26688

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue within PackageKit. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

Successful exploitation of this vulnerability may result in privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183
http://www.zerodayinitiative.com/advisories/ZDI-22-877/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

61) Race condition

EUVDB-ID: #VU64808

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26690

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in PackageKit. A local user can exploit the race to modify protected parts of the file system and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

62) Buffer overflow

EUVDB-ID: #VU64807

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22672

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the MobileAccessoryUpdater component. A malicious application can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

63) Buffer overflow

EUVDB-ID: #VU58857

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-30977

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in Graphics Drivers. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with kernel privileges.


Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

64) Race condition

EUVDB-ID: #VU59898

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-21658

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in std::fs::remove_dir_all. A remote attacker can exploit the race, escalate privileges and delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

65) Security restrictions bypass

EUVDB-ID: #VU63290

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22663

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper securi5ty checks in the CoreTypes subsystem. A local application can bypass Gatekeeper checks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

66) Improper Authorization

EUVDB-ID: #VU63747

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26691

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an error in implementation of "Local" authorization mechanism. A remote attacker can authenticate as to CUPS as root/admin without the 32-byte secret key and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://support.apple.com/en-us/HT213183

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

67) Buffer overflow

EUVDB-ID: #VU66510

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22630

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Apple Remote Events. A remote attacker can send specially crafted request to the system, trigger memory corruption and execute arbitrary code on the target system in the context of the AEServer process.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.2.1 21D62


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-22-1065/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###