CVE-2022-22648

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.6.5 macOS Monterey versions prior to 12.3 macOS Catalina versions without Security Update 2022-003

Description The issue allows an application to potentially read restricted memory due to an out-of-bounds read in SCPT file parsing. This could lead to an information disclosure. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For macOS versions prior to 11.6.5, update to macOS Big Sur 11.6.5. For macOS Monterey versions prior to 12.3, update to macOS Monterey 12.3. For macOS Catalina, apply Security Update 2022-003.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-22648

ZDI-22-713

ZDI-22-715

Affected Products

Apple Macos

CVE-2022-22648

Related Identifiers

Affected Products

References · 10