PT-2022-26580 · Apple · Macos Monterey+2

Koh M. Nakagawa

Published

2022-09-12

Updated

2022-11-02

CVE-2022-42789

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.7 macOS Monterey versions prior to 12.6 macOS Ventura version 13 is not affected, but versions prior to 13 are vulnerable, however since 13 is the starting version, it is already included in 'prior to' statement, hence the correct statement is: macOS versions prior to 11.7 macOS Monterey versions prior to 12.6

Description The issue concerns a problem in code signature validation that has been addressed with improved checks. This could allow an app to access user-sensitive data.

Recommendations For macOS versions prior to 11.7, update to macOS Big Sur 11.7 or later. For macOS Monterey versions prior to 12.6, update to macOS Monterey 12.6 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-42789

Affected Products

Apple Macos

Macos Big Sur

Macos Monterey

PT-2022-26580 · Apple · Macos Monterey+2

CVE-2022-42789

Related Identifiers

Affected Products

References · 9