CVE-2022-32880 — Improper Access Control in Apple Macos

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 47.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 20

Latest updateSep 21

Description

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

▶CVEListV5apple/macosunspecified — 12.5

▶NVDapple/macos12.0.0 — 12.5

GHSA

GHSA-7qp8-gff7-3q94: This issue was addressed by enabling hardened runtime↗2022-09-21

▶

Apple

CVE-2022-32880: macOS Monterey 12.5↗2022-07-20

▶