Main Vulnerability Database Vulnerabilities #VU61307

#VU61307 Security restrictions bypass in macOS - CVE-2022-22643

Published: March 14, 2022

Vulnerability identifier: #VU61307

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-22643

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists in FaceTime due to the ability to send audio and video files without knowledge of the user. An attacker with physical access to the system can share sensitive information via FaceTime.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/HT213183

#VU61307 Security restrictions bypass in macOS - CVE-2022-22643

Description

Remediation

External links

Please verify you're human