CVE-2022-22583Resource Exposure in Apple Macos

CWE-668Resource Exposure13 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 61.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple MAC OS X
Timeline
PublishedMar 18
Latest updateDec 21

Description

A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5apple/macosunspecified12.2+2
NVDapple/macos12.0.012.3+2
NVDapple/mac_os_x10.1510.15.7+1

🔴Vulnerability Details

2
GHSA
GHSA-fqhm-44xp-628c: A permissions issue was addressed with improved validation2022-03-19
CVEList
CVE-2022-22583: A permissions issue was addressed with improved validation2022-03-18

📋Vendor Advisories

3
Apple
CVE-2022-22583: macOS Monterey 12.22022-01-26
Apple
CVE-2022-22583: macOS Big Sur 11.6.32022-01-26
Apple
CVE-2022-22583: Security Update 2022-001 Catalina2022-01-26

🕵️Threat Intelligence

7
Trendmicro
A Technical Analysis of CVE-2022-22583 and CVE-2022-328002022-12-21
Trendmicro
A Technical Analysis of CVE-2022-22583 and CVE-2022-328002022-12-21
Trendmicro
A Technical Analysis of CVE-2022-22583 and CVE-2022-328002022-12-21
Trendmicro
A Technical Analysis of CVE-2022-22583 and CVE-2022-328002022-12-21
Trendmicro
A Technical Analysis of CVE-2022-22583 and CVE-2022-328002022-12-21
CVE-2022-22583 — Resource Exposure in Apple Macos | cvebase