Sandbox Escape Vulnerability in Apple macOS Products
CVE-2022-26755

6.3MEDIUM

Key Information:

Vendor

Apple
Status
Security Update - Catalina
Mac OS
Vendor
CVE Published:
26 May 2022

What is CVE-2022-26755?

The vulnerability involves a flaw that enables a malicious application to break out of its sandboxed environment, potentially leading to unauthorized access to system resources and data. Apple has resolved this issue with improved environment sanitization, and users are advised to update to the latest versions of macOS Monterey and Big Sur to mitigate risks.

Affected Version(s)

macOS < 11.6

macOS < 12.4

Security Update - Catalina < 2022

References

https://support.apple.com/en-us/HT213255
x_refsource_MISC
https://support.apple.com/en-us/HT213256
x_refsource_MISC
https://support.apple.com/en-us/HT213257
x_refsource_MISC

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.