CVE-2022-22586Out-of-bounds Write in Apple Macos

CWE-787Out-of-bounds Write5 documents4 sources
Severity
9.8CRITICALNVD
EPSS
1.1%
top 21.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Macos Monterey
Timeline
PublishedMar 18
Latest updateMar 19

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

CVEListV5apple/macosunspecified12.2
NVDapple/macos< 12.2

🔴Vulnerability Details

1
GHSA
GHSA-hrqh-mqj9-qm2w: An out-of-bounds write issue was addressed with improved bounds checking2022-03-19

📋Vendor Advisories

1
Apple
CVE-2022-22586: macOS Monterey 12.22022-01-26

🕵️Threat Intelligence

2
Sentinelone
10 Assumptions About macOS Security That Put Your Business At Risk2022-02-07
Sentinelone
10 Assumptions About macOS Security That Put Your Business At Risk2022-02-07