Out-of-Bounds Read Vulnerability in Xcode by Apple
CVE-2022-22601

7.8HIGH

Key Information:

Vendor: Apple
Status: Xcode
Vendor: CVE Published:; 18 March 2022

What is CVE-2022-22601?

An out-of-bounds read vulnerability in Xcode may allow attackers to craft malicious files that, when opened, could lead to unexpected application termination or arbitrary code execution. This issue highlights the importance of proper bounds checking and is resolved in the latest release of Xcode (13.3). For more details about this issue, visit the Apple support page.

Affected Version(s)

Xcode < 13.3

References

https://support.apple.com/en-us/HT213189

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 18, 2022
Vulnerability Reserved
Jan 5, 2022