CVE-2022-26688
published 2022-05-26CVE-2022-26688: An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3…
medium4.4CVSS 3.1
AVLACLPRHUINSUCNIHAN
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | >= 10.15 < 10.15.7 | 10.15.7 |
| apple | macos | >= 11.0 < 11.6.5 | 11.6.5 |
| apple | macos | >= 12.0.0 < 12.3 | 12.3 |
| apple | macos | >= unspecified < 12.3 | 12.3 |
| apple | macos | >= unspecified < 11.6 | 11.6 |
| apple | macos | >= unspecified < 2022 | 2022 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | security_update_2022-003_catalina | — | — |