ID

VAR-202201-0378


CVE

CVE-2022-22583


TITLE

plural  Apple  Vulnerability related to resource disclosure to the wrong area in the product

Trust: 0.8

sources: JVNDB: JVNDB-2022-008590

DESCRIPTION

A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within PackageKit. The issue results from improper access control. An attacker can leverage this vulnerability to disclose information in the context of the current user. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-01-26-2 macOS Monterey 12.2 macOS Monterey 12.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213054. AMD Kernel Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22586: an anonymous researcher ColorSync Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2022-22584: Mickey Jin (@patch1t) of Trend Micro Crash Reporter Available for: macOS Monterey Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22578: an anonymous researcher iCloud Available for: macOS Monterey Impact: An application may be able to access a user's files Description: An issue existed within the path validation logic for symlinks. CVE-2022-22585: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (https://xlab.tencent.com) Intel Graphics Driver Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-22591: Antonio Zekic (@antoniozekic) of Diverto IOMobileFrameBuffer Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-22587: an anonymous researcher, Meysam Firouzi (@R00tkitSMM) of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri (@b1n4r1b01) Kernel Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2022-22593: Peter Nguyễn Vũ Hoàng of STAR Labs Model I/O Available for: macOS Monterey Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed with improved state management. CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro PackageKit Available for: macOS Monterey Impact: An application may be able to access restricted files Description: A permissions issue was addressed with improved validation. CVE-2022-22583: an anonymous researcher, Mickey Jin (@patch1t), Ron Hass (@ronhass7) of Perception Point WebKit Available for: macOS Monterey Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com) WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-22590: Toan Pham from Team Orca of Sea Security (security.sea.com) WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved state management. CVE-2022-22592: Prakash (@1lastBr3ath) WebKit Storage Available for: macOS Monterey Impact: A website may be able to track sensitive user information Description: A cross-origin issue in the IndexDB API was addressed with improved input validation. CVE-2022-22594: Martin Bajanik of FingerprintJS Additional recognition Kernel We would like to acknowledge Tao Huang for their assistance. Metal We would like to acknowledge Tao Huang for their assistance. PackageKit We would like to acknowledge Mickey Jin (@patch1t), Mickey Jin (@patch1t) of Trend Micro for their assistance. WebKit We would like to acknowledge Prakash (@1lastBr3ath) for their assistance. Installation note: This update may be obtained from the Mac App Store Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmHx0zEACgkQeC9qKD1p rhhFUw/+K0ImMkw8zCjqdJza05Y6mlSa2wAdoVQK4pywYylcWMzemOi9GStr1Tgq CmA7KFo2hPp/9kh6+SURi91WwUKdNHsDfasjNDqTTOJalQFuKB0erZgEpcprBnHE lzT2heSJDl58sMSn0hLlGIhLfc+4Ld29FKc3lmtBPGeKY3vUViHLN0s3sZj07twx Ew7yYkDBkz/e2kGRDByWzmvsSQt+w7HMK+pN1m5CBTZdP8KAHVtbuv8BPtMHKwNJ 1Kzo6nW4MJ9Eds63Lz4A37nqTNxmvsbf4zDSppwAp8NalEHqg5My7PzmK97eh6ap jS4P4LqdRigTvRMq3eDVh/4Lie+/39nXwdQI6czETvTYzi+iA6k3q1Lsf2eIYzCf 0y4YTKEwIze05Q45YqbbnRDfVGOKtfZOcFVYsMxYBHBMp6LDcLJ9i0+AORX2igoA dODLICbrHzexa682FDE2RGtgQOtS5k4LJLUggvSeOW/tXN+MovfVTjCIzJSKYltP eQm8gq3EajaRk4JQcYkxklalyOHVZpkg3+u6Az+xIY5nVVijkuGDqqiCoh62zmsE kSXZrfuJTIYWbIzpR23xVMyxWBcN4AXDE3xLeZajm0yGnAxpd8CGwb4FhgipcDVE wwazu76IYBPpP40AyBALO10aXhYjrI+Bj6zI+Ug3msXLhkeICtI= =WEmw -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // PACKETSTORM: 165774 // PACKETSTORM: 165773 // PACKETSTORM: 165772

AFFECTED PRODUCTS

vendor:applemodel:macosscope:gteversion:12.0.0

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.3

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:eqversion:10.15.7

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-811 // JVNDB: JVNDB-2022-008590 // NVD: CVE-2022-22583

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22583
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-22583
value: MEDIUM

Trust: 0.8

ZDI: CVE-2022-22583
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202201-2412
value: MEDIUM

Trust: 0.6

VULHUB: VHN-411211
value: LOW

Trust: 0.1

VULMON: CVE-2022-22583
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2022-22583
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-411211
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // CNNVD: CNNVD-202201-2412 // NVD: CVE-2022-22583

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Leakage of resources to the wrong area (CWE-668) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-668

Trust: 0.1

sources: VULHUB: VHN-411211 // JVNDB: JVNDB-2022-008590 // NVD: CVE-2022-22583

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202201-2412

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202201-2412

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-411211

PATCH

title:HT213056url:https://support.apple.com/en-us/HT213054

Trust: 0.8

title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/en-us/HT213055

Trust: 0.7

title:Apple macOS Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=179626

Trust: 0.6

title:POCurl:https://github.com/jhftss/POC

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: ZDI: ZDI-22-811 // VULMON: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // CNNVD: CNNVD-202201-2412

EXTERNAL IDS

db:NVDid:CVE-2022-22583

Trust: 4.4

db:PACKETSTORMid:165774

Trust: 0.8

db:JVNDBid:JVNDB-2022-008590

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-16024

Trust: 0.7

db:ZDIid:ZDI-22-811

Trust: 0.7

db:CS-HELPid:SB2022012635

Trust: 0.6

db:AUSCERTid:ESB-2022.0400

Trust: 0.6

db:CNNVDid:CNNVD-202201-2412

Trust: 0.6

db:PACKETSTORMid:165773

Trust: 0.2

db:PACKETSTORMid:165772

Trust: 0.2

db:VULHUBid:VHN-411211

Trust: 0.1

db:VULMONid:CVE-2022-22583

Trust: 0.1

sources: ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // PACKETSTORM: 165774 // PACKETSTORM: 165773 // PACKETSTORM: 165772 // CNNVD: CNNVD-202201-2412 // NVD: CVE-2022-22583

REFERENCES

url:https://support.apple.com/en-us/ht213055

Trust: 2.5

url:https://support.apple.com/en-us/ht213054

Trust: 2.4

url:https://support.apple.com/en-us/ht213056

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-22583

Trust: 1.1

url:https://www.auscert.org.au/bulletins/esb-2022.0400

Trust: 0.6

url:https://packetstormsecurity.com/files/165774/apple-security-advisory-2022-01-26-4.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022012635

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37394

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-22583/

Trust: 0.6

url:https://support.apple.com/kb/ht201222

Trust: 0.3

url:https://www.apple.com/support/security/pgp/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-22593

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-22579

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30972

Trust: 0.2

url:https://xlab.tencent.com)

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-22587

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-22585

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://seclists.org/fulldisclosure/2022/jan/80

Trust: 0.1

url:https://github.com/jhftss/poc

Trust: 0.1

url:https://support.apple.com/ht213056.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30946

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30960

Trust: 0.1

url:https://support.apple.com/ht213055.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22586

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22584

Trust: 0.1

url:https://support.apple.com/ht213054.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22591

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22594

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22589

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22590

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22578

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22592

Trust: 0.1

sources: ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // PACKETSTORM: 165774 // PACKETSTORM: 165773 // PACKETSTORM: 165772 // CNNVD: CNNVD-202201-2412 // NVD: CVE-2022-22583

CREDITS

Mickey Jin (@patch1t) of Trend Micro

Trust: 0.7

sources: ZDI: ZDI-22-811

SOURCES

db:ZDIid:ZDI-22-811
db:VULHUBid:VHN-411211
db:VULMONid:CVE-2022-22583
db:JVNDBid:JVNDB-2022-008590
db:PACKETSTORMid:165774
db:PACKETSTORMid:165773
db:PACKETSTORMid:165772
db:CNNVDid:CNNVD-202201-2412
db:NVDid:CVE-2022-22583

LAST UPDATE DATE

2024-08-14T12:55:20.210000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-811date:2022-06-02T00:00:00
db:VULHUBid:VHN-411211date:2022-11-02T00:00:00
db:VULMONid:CVE-2022-22583date:2023-08-08T00:00:00
db:JVNDBid:JVNDB-2022-008590date:2023-07-28T05:35:00
db:CNNVDid:CNNVD-202201-2412date:2022-03-29T00:00:00
db:NVDid:CVE-2022-22583date:2023-08-08T14:22:24.967

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-811date:2022-06-02T00:00:00
db:VULHUBid:VHN-411211date:2022-03-18T00:00:00
db:VULMONid:CVE-2022-22583date:2022-03-18T00:00:00
db:JVNDBid:JVNDB-2022-008590date:2023-07-28T00:00:00
db:PACKETSTORMid:165774date:2022-01-31T15:46:38
db:PACKETSTORMid:165773date:2022-01-31T15:46:23
db:PACKETSTORMid:165772date:2022-01-31T15:46:05
db:CNNVDid:CNNVD-202201-2412date:2022-01-26T00:00:00
db:NVDid:CVE-2022-22583date:2022-03-18T18:15:12.317