PT-2022-18045 · Apple · Apple Macos
Jordy Zomer
+1
·
Published
2022-05-16
·
Updated
2022-11-04
·
CVE-2022-26743
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
macOS Monterey versions prior to 12.4
Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue allows an attacker that has already achieved code execution in macOS Recovery to potentially escalate to kernel privileges.
Recommendations
For macOS Monterey versions prior to 12.4, update to version 12.4 to resolve the issue. As a temporary workaround, consider restricting access to macOS Recovery to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos