CVE-2022-32862

MEDIUM

macOS 11.0-11.7.1 - Unprotected User Data Exposure via Root App Access

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-32862. PoCs published by rohitc33.

AI-analyzed exploit summary This repository contains functional exploit scripts for CVE-2022-32862, which leverages a macOS vulnerability to grant Full Disk Access and camera/microphone permissions. The scripts manipulate system migration services and TCC database entries to escalate privileges.

Description

This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information.

Exploits (1)

nomisec WORKING POC
by rohitc33 · poc
https://github.com/rohitc33/CVE-2022-32862

This repository contains functional exploit scripts for CVE-2022-32862, which leverages a macOS vulnerability to grant Full Disk Access and camera/microphone permissions. The scripts manipulate system migration services and TCC database entries to escalate privileges.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: macOS (specific version not specified)
Auth required
Prerequisites: Local access to the target macOS system · SSH daemon not already loaded or with Full Disk Access
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213488
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213493
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213494

Scores

CVSS v3 5.5
EPSS 0.0073
EPSS Percentile 50.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200
Status published
Products (1)
apple/macos 11.0 - 11.7.1
Published Nov 01, 2022
Tracked Since Feb 18, 2026