CVE-2022-32862
MEDIUMmacOS 11.0-11.7.1 - Unprotected User Data Exposure via Root App Access
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2022-32862. PoCs published by rohitc33.
AI-analyzed exploit summary This repository contains functional exploit scripts for CVE-2022-32862, which leverages a macOS vulnerability to grant Full Disk Access and camera/microphone permissions. The scripts manipulate system migration services and TCC database entries to escalate privileges.
Description
This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information.
Exploits (1)
This repository contains functional exploit scripts for CVE-2022-32862, which leverages a macOS vulnerability to grant Full Disk Access and camera/microphone permissions. The scripts manipulate system migration services and TCC database entries to escalate privileges.
References (3)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N