CVE-2022-32801Improper Privilege Management in Apple Macos

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 84.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Macos Monterey
Timeline
PublishedSep 23
Latest updateSep 25

Description

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5apple/macosunspecified12.5
NVDapple/macos12.012.5

🔴Vulnerability Details

1
GHSA
GHSA-6h67-m47q-xj4p: This issue was addressed with improved checks2022-09-25

📋Vendor Advisories

1
Apple
CVE-2022-32801: macOS Monterey 12.52022-07-20