CVE-2022-22600

MEDIUM

iPadOS < 15.4 - Privacy Preference Bypass via Improved Permissions Logic

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-22600. PoCs published by KlinKlinKlin.

AI-analyzed exploit summary This PoC exploits CVE-2022-22600, a macOS vulnerability where executable permissions are bypassed if the binary is deleted after execution. The script copies and runs a screenshot utility without triggering TCC prompts.

Description

The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences.

Exploits (1)

nomisec WORKING POC 4 stars
by KlinKlinKlin · poc
https://github.com/KlinKlinKlin/MSF-screenrecord-on-MacOS

This PoC exploits CVE-2022-22600, a macOS vulnerability where executable permissions are bypassed if the binary is deleted after execution. The script copies and runs a screenshot utility without triggering TCC prompts.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: macOS (tested on 12.1, 12.0, 11.6.1)
No auth needed
Prerequisites: Access to a vulnerable macOS system · Presence of a screenshot utility binary
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213182
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213193
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213183
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213186

Scores

CVSS v3 5.5
EPSS 0.0163
EPSS Percentile 73.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

Status published
Products (5)
apple/ipados < 15.4
apple/iphone_os < 15.4
apple/macos < 12.3
apple/tvos < 15.4
apple/watchos < 8.5
Published Mar 18, 2022
Tracked Since Feb 18, 2026