Multiple vulnerabilities in Apple macOS Monterey



Published: 2022-09-12 | Updated: 2022-09-18
Risk High
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2022-32902
CVE-2022-32896
CVE-2022-32911
CVE-2022-32864
CVE-2022-32917
CVE-2022-32883
CVE-2022-32908
CVE-2022-32900
CWE-ID CWE-264
CWE-200
CWE-119
CWE-125
Exploitation vector Network
Public exploit Vulnerability #5 is being exploited in the wild.
Public exploit code for vulnerability #6 is available.
Vulnerable software
Subscribe
macOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU67188

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32902

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a logic error in ATS. A local application can bypass Privacy preferences.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Information disclosure

EUVDB-ID: #VU67189

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32896

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in iMovie. A remote attacker can gain unauthorized access to sensitive user information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Buffer overflow

EUVDB-ID: #VU67190

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32911

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Out-of-bounds read

EUVDB-ID: #VU67191

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32864

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the OS kernel. A local application can trigger an out-of-bounds read error and read kernel memory.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Buffer overflow

EUVDB-ID: #VU67192

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-32917

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Information disclosure

EUVDB-ID: #VU67193

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32883

CWE-ID: CWE-200 - Information Exposure

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a logic issue in the Maps component. A remote attacker can gain unauthorized access to sensitive location information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Buffer overflow

EUVDB-ID: #VU67194

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-32908

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in MediaLibrary. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU67195

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32900

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a logic error in PackageKit. A local application can execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 12.0 21A344 - 12.5.1 21G83


CPE2.3 External links

http://support.apple.com/en-us/HT213444

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###