Integer Overflow Vulnerability in Apple Operating Systems
CVE-2022-26775

9.8CRITICAL

Key Information:

Vendor

Apple
Status
Security Update - Catalina
Mac OS
Vendor
CVE Published:
26 May 2022

What is CVE-2022-26775?

An integer overflow vulnerability found in Apple's operating systems has been addressed through improved input validation. The flaw could allow attackers to manipulate applications, leading to unexpected termination or enabling arbitrary code execution. Users are encouraged to apply the Security Update 2022-004 for macOS Catalina and ensure their operating systems are updated to macOS Monterey 12.4 to mitigate the risks associated with this vulnerability.

Affected Version(s)

macOS < 12.4

Security Update - Catalina < 2022

References

https://support.apple.com/kb/HT213253
x_refsource_CONFIRM
https://support.apple.com/kb/HT213258
x_refsource_CONFIRM
https://support.apple.com/kb/HT213254
x_refsource_CONFIRM

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.