PT-2022-18021 · Apple · Apple Macos+5

Actae0N

Published

2022-05-16

Updated

2022-06-07

CVE-2022-26711

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.12.4 for Windows macOS versions prior to Monterey 12.4 iOS versions prior to 15.5 iPadOS versions prior to 15.5 tvOS versions prior to 15.5 watchOS versions prior to 8.6

Description The issue is related to an integer overflow that can be triggered by a remote attacker, potentially causing unexpected application termination or arbitrary code execution.

Recommendations For iTunes versions prior to 12.12.4 for Windows, update to version 12.12.4 or later. For macOS versions prior to Monterey 12.4, update to macOS Monterey 12.4 or later. For iOS versions prior to 15.5, update to iOS 15.5 or later. For iPadOS versions prior to 15.5, update to iPadOS 15.5 or later. For tvOS versions prior to 15.5, update to tvOS 15.5 or later. For watchOS versions prior to 8.6, update to watchOS 8.6 or later.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2022-26711

ZDI-22-792

Affected Products

Apple Macos

Ios

Ipados

Itunes

Tvos

Watchos

PT-2022-18021 · Apple · Apple Macos+5

CVE-2022-26711

Weakness Enumeration

Related Identifiers

Affected Products

References · 10