CVE-2022-26768

HIGH

macOS Monterey <12.4 - Memory Corruption

Title source: llm
STIX 2.1

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

References (6)

Core 6
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213256
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213253
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213254
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213257
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT213346
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2022/Jul/12

Scores

CVSS v3 7.8
EPSS 0.0125
EPSS Percentile 65.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (5)
apple/ipados < 15.6
apple/iphone_os < 15.6
apple/macos 11.0 - 11.6.6
apple/tvos < 15.5
apple/watchos < 8.6
Published May 26, 2022
Tracked Since Feb 18, 2026