CVE-2022-26766

Name of the Vulnerable Software and Affected Versions Apple tvOS versions prior to 15.5 Apple iOS versions prior to 15.5 Apple iPadOS versions prior to 15.5 Apple watchOS versions prior to 8.6 Apple macOS Big Sur versions prior to 11.6.6 Apple macOS Monterey versions prior to 12.4 Apple macOS Catalina versions prior to Security Update 2022-004

Description A certificate parsing issue was addressed with improved checks, which may allow a malicious app to bypass signature validation. This issue is related to errors in the certificate authentication procedure.

Recommendations For Apple tvOS versions prior to 15.5, update to tvOS 15.5 or later. For Apple iOS versions prior to 15.5, update to iOS 15.5 or later. For Apple iPadOS versions prior to 15.5, update to iPadOS 15.5 or later. For Apple watchOS versions prior to 8.6, update to watchOS 8.6 or later. For Apple macOS Big Sur versions prior to 11.6.6, update to macOS Big Sur 11.6.6 or later. For Apple macOS Monterey versions prior to 12.4, update to macOS Monterey 12.4 or later. For Apple macOS Catalina versions prior to Security Update 2022-004, apply Security Update 2022-004 or later.