Apple Macos Monterey vulnerabilities

CVE-2021-30946 [MEDIUM] CVE-2021-30946: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2021-30946 Component: LaunchServices Impact: An app may be able to bypass certain Privacy preferences Description: A logic issue was addressed with improved restrictions.

CVE-2022-0156 [MEDIUM] CVE-2022-0156: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-0156 Component: CVE-2022-0156

CVE-2022-22650 [MEDIUM] CVE-2022-22650: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22650 Component: QuickTime Player Impact: A plug-in may be able to inherit the application's permissions and access user data Description: This issue was addressed with improved checks.

CVE-2022-22662 [MEDIUM] CVE-2022-22662: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22662 Component: WebKit Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management.

CVE-2022-22616 [MEDIUM] CVE-2022-22616: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22616 Component: BOM Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks Description: This issue was addressed with improved checks.

CVE-2022-22660 [MEDIUM] CVE-2022-22660: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22660 Component: System Preferences Impact: An app may be able to spoof system notifications and UI Description: This issue was addressed with a new entitlement.

CVE-2022-22668 [MEDIUM] CVE-2022-22668: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22668 Component: Wi-Fi Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions.

CVE-2022-22599 [LOW] CVE-2022-22599: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22599 Component: Siri Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation.

CVE-2021-30918 [LOW] CVE-2021-30918: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2021-30918 Component: VoiceOver Impact: A user may be able to view restricted content from the lock screen Description: A lock screen issue was addressed with improved state management.

CVE-2022-0158 [LOW] CVE-2022-0158: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-0158 Component: CVE-2022-0158

CVE-2022-22656 [LOW] CVE-2022-22656: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2022-22656 Component: CVE-2022-22656

CVE-2021-46059 CVE-2021-46059: macOS Monterey 12.3 Apple Security Update: About the security content of macOS Monterey 12.3 Product: macOS Monterey Version: 12.3 CVE: CVE-2021-46059 Component: CVE-2021-46059

CVE-2022-22620 [HIGH] CVE-2022-22620: macOS Monterey 12.2.1 Apple Security Update: About the security content of macOS Monterey 12.2.1 Product: macOS Monterey Version: 12.2.1 CVE: CVE-2022-22620 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A use after free issue was addressed with improved memory management.

CVE-2022-22587 [CRITICAL] CVE-2022-22587: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22587 Component: IOMobileFrameBuffer Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-22586 [CRITICAL] CVE-2022-22586: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22586 Component: AMD Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22591 [HIGH] CVE-2022-22591: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22591 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2022-22579 [HIGH] CVE-2022-22579: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22579 Component: Model I/O Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed with improved state management.

CVE-2022-22590 [HIGH] CVE-2022-22590: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22590 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2022-22585 [HIGH] CVE-2022-22585: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22585 Component: Crash Reporter Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation.

CVE-2022-22578 [HIGH] CVE-2022-22578: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22578 Component: Crash Reporter Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation.