File System Vulnerability in macOS Monterey and Catalina by Apple
CVE-2022-26727

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Security Update - Catalina; Mac OS
Vendor: CVE Published:; 26 May 2022

What is CVE-2022-26727?

This vulnerability involves a flaw in the file system protections of macOS Monterey and Catalina. It allows malicious applications to potentially bypass restrictions and alter protected areas of the file system. This can lead to unauthorized access and modification of sensitive data. Apple has addressed this issue in a security update, enhancing entitlements to mitigate the threat.

Affected Version(s)

macOS < 12.4

Security Update - Catalina < 2022

References

https://support.apple.com/en-us/HT213255

x_refsource_MISC

https://support.apple.com/en-us/HT213257

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2022
Vulnerability Reserved
Mar 8, 2022