Out-of-Bounds Write Vulnerability Affecting Apple macOS and iOS
CVE-2022-26756

7.8HIGH

Key Information:

Vendor

Apple
Status
Security Update - Catalina
Mac OS
Vendor
CVE Published:
26 May 2022

What is CVE-2022-26756?

This vulnerability is identified as an out-of-bounds write issue that could allow an application to execute arbitrary code with kernel privileges. It has been addressed by Apple with enhanced input validation mechanisms in their software updates. Users are strongly encouraged to update to the latest versions of macOS and iOS to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

macOS < 11.6

macOS < 12.4

Security Update - Catalina < 2022

References

https://support.apple.com/en-us/HT213255
x_refsource_MISC
https://support.apple.com/en-us/HT213256
x_refsource_MISC
https://support.apple.com/en-us/HT213257
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.