CVE-2022-32931

MEDIUM

macOS < 13.0 - Unauthorized User Data Access by Root App

Title source: llm
STIX 2.1

Description

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information.

References (1)

Core 1
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213488

Scores

CVSS v3 5.5
EPSS 0.0019
EPSS Percentile 8.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200 CWE-269
Status published
Products (1)
apple/macos < 13.0
Published Jan 10, 2024
Tracked Since Feb 18, 2026