Out-of-bounds Write Vulnerability in Apple Products
CVE-2022-26715

7.8HIGH

Key Information:

Vendor

Apple
Status
Security Update - Catalina
Mac OS
Vendor
CVE Published:
26 May 2022

What is CVE-2022-26715?

An out-of-bounds write vulnerability exists in Apple's macOS products, allowing an application to potentially gain elevated privileges. This issue was mitigated with enhanced bounds checking in specific security updates, including macOS Monterey 12.4 and Big Sur 11.6.6. Users are advised to install the latest security updates to safeguard their systems against exploitation.

Affected Version(s)

macOS < 11.6

macOS < 12.4

Security Update - Catalina < 2022

References

https://support.apple.com/en-us/HT213255
x_refsource_MISC
https://support.apple.com/en-us/HT213256
x_refsource_MISC
https://support.apple.com/en-us/HT213257
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.