Sign-up

ID

VAR-202201-0378


CVE

CVE-2022-22583


TITLE

plural  Apple  Vulnerability related to resource disclosure to the wrong area in the product

Trust: 0.8

sources: JVNDB: JVNDB-2022-008590

DESCRIPTION

A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within PackageKit. The issue results from improper access control. An attacker can leverage this vulnerability to disclose information in the context of the current user. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-01-26-2 macOS Monterey 12.2 macOS Monterey 12.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213054. AMD Kernel Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22586: an anonymous researcher ColorSync Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2022-22584: Mickey Jin (@patch1t) of Trend Micro Crash Reporter Available for: macOS Monterey Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22578: an anonymous researcher iCloud Available for: macOS Monterey Impact: An application may be able to access a user's files Description: An issue existed within the path validation logic for symlinks. CVE-2022-22585: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (https://xlab.tencent.com) Intel Graphics Driver Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-22591: Antonio Zekic (@antoniozekic) of Diverto IOMobileFrameBuffer Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-22587: an anonymous researcher, Meysam Firouzi (@R00tkitSMM) of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri (@b1n4r1b01) Kernel Available for: macOS Monterey Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2022-22593: Peter Nguyễn Vũ Hoàng of STAR Labs Model I/O Available for: macOS Monterey Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed with improved state management. CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro PackageKit Available for: macOS Monterey Impact: An application may be able to access restricted files Description: A permissions issue was addressed with improved validation. CVE-2022-22583: an anonymous researcher, Mickey Jin (@patch1t), Ron Hass (@ronhass7) of Perception Point WebKit Available for: macOS Monterey Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com) WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-22590: Toan Pham from Team Orca of Sea Security (security.sea.com) WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved state management. CVE-2022-22592: Prakash (@1lastBr3ath) WebKit Storage Available for: macOS Monterey Impact: A website may be able to track sensitive user information Description: A cross-origin issue in the IndexDB API was addressed with improved input validation. CVE-2022-22594: Martin Bajanik of FingerprintJS Additional recognition Kernel We would like to acknowledge Tao Huang for their assistance. Metal We would like to acknowledge Tao Huang for their assistance. PackageKit We would like to acknowledge Mickey Jin (@patch1t), Mickey Jin (@patch1t) of Trend Micro for their assistance. WebKit We would like to acknowledge Prakash (@1lastBr3ath) for their assistance. Installation note: This update may be obtained from the Mac App Store Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmHx0zEACgkQeC9qKD1p rhhFUw/+K0ImMkw8zCjqdJza05Y6mlSa2wAdoVQK4pywYylcWMzemOi9GStr1Tgq CmA7KFo2hPp/9kh6+SURi91WwUKdNHsDfasjNDqTTOJalQFuKB0erZgEpcprBnHE lzT2heSJDl58sMSn0hLlGIhLfc+4Ld29FKc3lmtBPGeKY3vUViHLN0s3sZj07twx Ew7yYkDBkz/e2kGRDByWzmvsSQt+w7HMK+pN1m5CBTZdP8KAHVtbuv8BPtMHKwNJ 1Kzo6nW4MJ9Eds63Lz4A37nqTNxmvsbf4zDSppwAp8NalEHqg5My7PzmK97eh6ap jS4P4LqdRigTvRMq3eDVh/4Lie+/39nXwdQI6czETvTYzi+iA6k3q1Lsf2eIYzCf 0y4YTKEwIze05Q45YqbbnRDfVGOKtfZOcFVYsMxYBHBMp6LDcLJ9i0+AORX2igoA dODLICbrHzexa682FDE2RGtgQOtS5k4LJLUggvSeOW/tXN+MovfVTjCIzJSKYltP eQm8gq3EajaRk4JQcYkxklalyOHVZpkg3+u6Az+xIY5nVVijkuGDqqiCoh62zmsE kSXZrfuJTIYWbIzpR23xVMyxWBcN4AXDE3xLeZajm0yGnAxpd8CGwb4FhgipcDVE wwazu76IYBPpP40AyBALO10aXhYjrI+Bj6zI+Ug3msXLhkeICtI= =WEmw -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // PACKETSTORM: 165774 // PACKETSTORM: 165773 // PACKETSTORM: 165772

AFFECTED PRODUCTS

vendor:applemodel:macosscope:gteversion:12.0.0

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.3

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:eqversion:10.15.7

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-811 // JVNDB: JVNDB-2022-008590 // NVD: CVE-2022-22583

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22583
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-22583
value: MEDIUM

Trust: 0.8

ZDI: CVE-2022-22583
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202201-2412
value: MEDIUM

Trust: 0.6

VULHUB: VHN-411211
value: LOW

Trust: 0.1

VULMON: CVE-2022-22583
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2022-22583
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-411211
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-22583
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-811 // VULHUB: VHN-411211 // VULMON: CVE-2022-22583 // JVNDB: JVNDB-2022-008590 // CNNVD: CNNVD-202201-2412 // NVD: CVE-2022-22583

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Leakage of resources to the wrong area (CWE-668) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-668

Trust: 0.1

sources: VULHUB: VHN-411211 // JVNDB: JVNDB-2022-008590 // NVD: CVE-2022-22583

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202201-2412

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202201-2412

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-411211

PATCH
title:HT213056url:https://support.apple.com/en-us/HT213054
Trust: 0.8
title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/en-us/HT213055
Trust: 0.7
title:Apple macOS Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=179626
Trust: 0.6
title:POCurl:https://github.com/jhftss/POC 
Trust: 0.1
title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305 
Trust: 0.1
title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE 
Trust: 0.1
sources:
            
            
            ZDI: ZDI-22-811 // 
            
            
            
            VULMON: CVE-2022-22583 // 
            
            
            
            JVNDB: JVNDB-2022-008590 // 
            
            
            
            CNNVD: CNNVD-202201-2412

EXTERNAL IDS
db:NVDid:CVE-2022-22583
Trust: 4.4
db:PACKETSTORMid:165774
Trust: 0.8
db:JVNDBid:JVNDB-2022-008590
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-16024
Trust: 0.7
db:ZDIid:ZDI-22-811
Trust: 0.7
db:CS-HELPid:SB2022012635
Trust: 0.6
db:AUSCERTid:ESB-2022.0400
Trust: 0.6
db:CNNVDid:CNNVD-202201-2412
Trust: 0.6
db:PACKETSTORMid:165773
Trust: 0.2
db:PACKETSTORMid:165772
Trust: 0.2
db:VULHUBid:VHN-411211
Trust: 0.1
db:VULMONid:CVE-2022-22583
Trust: 0.1
sources:
            
            
            ZDI: ZDI-22-811 // 
            
            
            
            VULHUB: VHN-411211 // 
            
            
            
            VULMON: CVE-2022-22583 // 
            
            
            
            JVNDB: JVNDB-2022-008590 // 
            
            
            
            PACKETSTORM: 165774 // 
            
            
            
            PACKETSTORM: 165773 // 
            
            
            
            PACKETSTORM: 165772 // 
            
            
            
            CNNVD: CNNVD-202201-2412 // 
            
            
            
            NVD: CVE-2022-22583

REFERENCES
url:https://support.apple.com/en-us/ht213055
Trust: 2.5
url:https://support.apple.com/en-us/ht213054
Trust: 2.4
url:https://support.apple.com/en-us/ht213056
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2022-22583
Trust: 1.1
url:https://www.auscert.org.au/bulletins/esb-2022.0400
Trust: 0.6
url:https://packetstormsecurity.com/files/165774/apple-security-advisory-2022-01-26-4.html
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2022012635
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37394
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-22583/
Trust: 0.6
url:https://support.apple.com/kb/ht201222
Trust: 0.3
url:https://www.apple.com/support/security/pgp/
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2022-22593
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2022-22579
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2021-30972
Trust: 0.2
url:https://xlab.tencent.com)
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-22587
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-22585
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://seclists.org/fulldisclosure/2022/jan/80
Trust: 0.1
url:https://github.com/jhftss/poc
Trust: 0.1
url:https://support.apple.com/ht213056.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-30946
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-30960
Trust: 0.1
url:https://support.apple.com/ht213055.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22586
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22584
Trust: 0.1
url:https://support.apple.com/ht213054.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22591
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22594
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22589
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22590
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22578
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-22592
Trust: 0.1
sources:
            
            
            ZDI: ZDI-22-811 // 
            
            
            
            VULHUB: VHN-411211 // 
            
            
            
            VULMON: CVE-2022-22583 // 
            
            
            
            JVNDB: JVNDB-2022-008590 // 
            
            
            
            PACKETSTORM: 165774 // 
            
            
            
            PACKETSTORM: 165773 // 
            
            
            
            PACKETSTORM: 165772 // 
            
            
            
            CNNVD: CNNVD-202201-2412 // 
            
            
            
            NVD: CVE-2022-22583

CREDITS
Mickey Jin (@patch1t) of Trend Micro
Trust: 0.7
sources:
            
            
            ZDI: ZDI-22-811

SOURCES
db:ZDIid:ZDI-22-811
db:VULHUBid:VHN-411211
db:VULMONid:CVE-2022-22583
db:JVNDBid:JVNDB-2022-008590
db:PACKETSTORMid:165774
db:PACKETSTORMid:165773
db:PACKETSTORMid:165772
db:CNNVDid:CNNVD-202201-2412
db:NVDid:CVE-2022-22583

LAST UPDATE DATE
2024-08-14T12:55:20.210000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-22-811date:2022-06-02T00:00:00
db:VULHUBid:VHN-411211date:2022-11-02T00:00:00
db:VULMONid:CVE-2022-22583date:2023-08-08T00:00:00
db:JVNDBid:JVNDB-2022-008590date:2023-07-28T05:35:00
db:CNNVDid:CNNVD-202201-2412date:2022-03-29T00:00:00
db:NVDid:CVE-2022-22583date:2023-08-08T14:22:24.967

SOURCES RELEASE DATE
db:ZDIid:ZDI-22-811date:2022-06-02T00:00:00
db:VULHUBid:VHN-411211date:2022-03-18T00:00:00
db:VULMONid:CVE-2022-22583date:2022-03-18T00:00:00
db:JVNDBid:JVNDB-2022-008590date:2023-07-28T00:00:00
db:PACKETSTORMid:165774date:2022-01-31T15:46:38
db:PACKETSTORMid:165773date:2022-01-31T15:46:23
db:PACKETSTORMid:165772date:2022-01-31T15:46:05
db:CNNVDid:CNNVD-202201-2412date:2022-01-26T00:00:00
db:NVDid:CVE-2022-22583date:2022-03-18T18:15:12.317