CVE-2022-32834

CWE-284Improper Access Control6 documents4 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 90.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple MAC OS X
Timeline
PublishedAug 24
Latest updateAug 25

Description

An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5apple/macosunspecified12.5+2
NVDapple/macos11.011.6.8+3
NVDapple/mac_os_x10.15.7

🔴Vulnerability Details

2
GHSA
GHSA-mv7m-fwq2-hc3h: An access issue was addressed with improvements to the sandbox2022-08-25
CVEList
CVE-2022-32834: An access issue was addressed with improvements to the sandbox2022-08-24

📋Vendor Advisories

3
Apple
CVE-2022-32834: macOS Big Sur 11.6.82022-07-20
Apple
CVE-2022-32834: Security Update 2022-005 Catalina2022-07-20
Apple
CVE-2022-32834: macOS Monterey 12.52022-07-20
CVE-2022-32834 (MEDIUM CVSS 5.5) | An access issue was addressed with | cvebase.io