Vulnerability Name: | CVE-2022-32866 (CCN-238829) | ||||||||||||
Assigned: | 2022-10-24 | ||||||||||||
Published: | 2022-10-24 | ||||||||||||
Updated: | 2022-11-02 | ||||||||||||
Summary: | The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | ||||||||||||
CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-noinfo | ||||||||||||
Vulnerability Consequences: | Gain Privilege | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-32866 Source: XF Type: UNKNOWN apple-ventura-cve202232866-priv-esc(238829) Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213443 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213444 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213486 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213487 Source: CCN Type: Apple security document HT213488 About the security content of macOS Ventura 13 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213488 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |