Apple Macos Monterey vulnerabilities

CVE-2022-26766 [MEDIUM] CVE-2022-26766: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26766 Component: Security Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks.

CVE-2022-26765 [MEDIUM] CVE-2022-26765: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26765 Component: Kernel Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with improved state handling.

CVE-2022-26764 [MEDIUM] CVE-2022-26764: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26764 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: A memory corruption issue was addressed with improved validation.

CVE-2022-26727 [MEDIUM] CVE-2022-26727: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26727 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved entitlements.

CVE-2022-22677 [MEDIUM] CVE-2022-22677: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-22677 Component: WebRTC Impact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call Description: A logic issue in the handling of concurrent media was addressed with improved state handling.

CVE-2022-26725 [MEDIUM] CVE-2022-26725: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26725 Component: ImageIO Impact: Photo location information may persist after it is removed with Preview Inspector Description: A logic issue was addressed with improved state management.

CVE-2022-26731 [MEDIUM] CVE-2022-26731: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26731 Component: Safari Private Browsing Impact: A malicious website may be able to track users in Safari private browsing mode Description: A logic issue was addressed with improved state management.

CVE-2022-26707 [MEDIUM] CVE-2022-26707: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26707 Component: AppleMobileFileIntegrity Impact: A user may be able to view sensitive user information Description: An issue in the handling of environment variables was addressed with improved validation.

CVE-2022-26745 [MEDIUM] CVE-2022-26745: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26745 Component: Wi-Fi Impact: A malicious application may disclose restricted memory Description: A memory corruption issue was addressed with improved validation.

CVE-2022-32782 [MEDIUM] CVE-2022-32782: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-32782 Component: Photo Booth Impact: An app with root privileges may be able to access private information Description: This issue was addressed by enabling hardened runtime.

CVE-2022-32783 [MEDIUM] CVE-2022-32783: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-32783 Component: Bluetooth Impact: An app may gain unauthorized access to Bluetooth Description: A logic issue was addressed with improved checks.

CVE-2022-26746 [MEDIUM] CVE-2022-26746: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26746 Component: Printing Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2022-26712 [MEDIUM] CVE-2022-26712: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26712 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code.

CVE-2022-26755 [MEDIUM] CVE-2022-26755: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26755 Component: Tcl Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization.

CVE-2022-32781 [MEDIUM] CVE-2022-32781: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-32781 Component: FaceTime Impact: An app with root privileges may be able to access private information Description: This issue was addressed by enabling hardened runtime.

CVE-2022-26726 [MEDIUM] CVE-2022-26726: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26726 Component: TCC Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks.

CVE-2022-0530 [MEDIUM] CVE-2022-0530: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-0530 Component: CVE-2022-0530 Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-26728 [MEDIUM] CVE-2022-26728: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26728 Component: SoftwareUpdate Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements.

CVE-2022-48575 CVE-2022-48575: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-48575 Component: Login Window Impact: A person with access to a Mac may be able to bypass Login Window Description: A consistency issue was addressed with improved state handling.

CVE-2022-42857 CVE-2022-42857: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-42857 Component: System Preferences Impact: An app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved validation of symlinks.