7.8

CVE-2022-32942

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS Version >= 11.0 < 11.7.2
ApplemacOS Version >= 12.0.0 < 12.6.2
ApplemacOS Version13.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.267
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2022/Dec/23
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2022/Dec/24
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2022/Dec/25
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT213532
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213533
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213534
Vendor Advisory
Release Notes