PT-2022-6991 · Apple · Macos Catalina+4
Antonio Cheong Yu Xuan
·
Published
2022-05-16
·
Updated
2023-03-22
·
CVE-2022-26726
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
watchOS versions prior to 8.6
macOS versions prior to 12.4
macOS Big Sur versions prior to 11.6.6
macOS Catalina versions prior to Security Update 2022-004
Description
The issue is related to insufficient access control in the TCC component of watchOS and macOS, allowing a remote attacker to capture a user's screen. An app may be able to capture a user's screen due to this issue.
Recommendations
For watchOS versions prior to 8.6, update to watchOS 8.6 or later.
For macOS versions prior to 12.4, update to macOS Monterey 12.4 or later.
For macOS Big Sur versions prior to 11.6.6, update to macOS Big Sur 11.6.6 or later.
For macOS Catalina versions prior to Security Update 2022-004, apply Security Update 2022-004 or later.
Exploit
Fix
Improper Access Control
Incorrect Privilege Assignment
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apple Macos
Macos Big Sur
Macos Catalina
Macos Monterey
Watchos