CVE-2022-42853Improper Access Control in Apple Macos

CWE-284Improper Access Control4 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 62.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple MacosApple Macos MontereyApple Macos Ventura
Timeline
PublishedDec 15

Description

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

CVEListV5apple/macosunspecified13.1
NVDapple/macos< 13.1
Appleapple/macos_monterey12.6.2

🔴Vulnerability Details

1
GHSA
GHSA-6mq6-fpvp-rmfg: An access issue was addressed with improved access restrictions2022-12-15

📋Vendor Advisories

2
Apple
CVE-2022-42853: macOS Ventura 13.12022-12-13
Apple
CVE-2022-42853: macOS Monterey 12.6.22022-12-13