CVE-2022-26745 — Out-of-bounds Write in Apple Macos

CWE-787 — Out-of-bounds Write7 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 49.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple IOS 15.5 AND Ipados Apple Macos BIG SUR +3 more

Timeline

PublishedMay 26

Latest updateMay 27

Description

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5apple/macosunspecified — 11.6

▶NVDapple/macos11.0 — 11.6.6

▶Appleapple/macos_big_sur11.6.6

▶Appleapple/macos_monterey12.4

▶Appleapple/tvos15.5

🔴Vulnerability Details

GHSA

GHSA-xhx5-q73w-h3cj: A memory corruption issue was addressed with improved validation↗2022-05-27

▶

📋Vendor Advisories

Apple

CVE-2022-26745: iOS 15.5 and iPadOS 15.5↗2022-05-16

▶

Apple

CVE-2022-26745: macOS Big Sur 11.6.6↗2022-05-16

▶

Apple

CVE-2022-26745: macOS Monterey 12.4↗2022-05-16

▶

Apple

CVE-2022-26745: tvOS 15.5↗2022-05-16

▶

Apple

CVE-2022-26745: watchOS 8.6↗2022-05-16

▶