Main Vulnerability Database Vulnerabilities #VU66586

#VU66586 Out-of-bounds write in macOS - CVE-2022-32894

Published: August 17, 2022 / Updated: August 24, 2022

Vulnerability identifier: #VU66586

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2022-32894

CWE-ID: CWE-787

Exploitation vector: Local access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel component. A local application can trigger an out-of-bounds write error and execute arbitrary code on the system with kernel privileges.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/HT213413

#VU66586 Out-of-bounds write in macOS - CVE-2022-32894

Description

Remediation

External links

Please verify you're human