ID

VAR-202205-1316


CVE

CVE-2022-26727


TITLE

macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011159

DESCRIPTION

This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. macOS Exists in unspecified vulnerabilities.Information may be tampered with. macOS Monterey 12.4. Information about the security content is also available at https://support.apple.com/HT213255. apache Available for: macOS Catalina Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 AppKit Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team AppleGraphicsControl Available for: macOS Catalina Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative AppleScript Available for: macOS Catalina Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro AppleScript Available for: macOS Catalina Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2022-26698: Qi Sun of Trend Micro CoreTypes Available for: macOS Catalina Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2022-22663: Arsenii Kostromin (0x3c3e) CVMS Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A memory initialization issue was addressed. CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori DriverKit Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de) Graphics Drivers Available for: macOS Catalina Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. CVE-2022-22674: an anonymous researcher Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26720: Liu Long of Ant Security Light-Year Lab Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26770: Liu Long of Ant Security Light-Year Lab Intel Graphics Driver Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26756: Jack Dates of RET2 Systems, Inc Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26769: Antonio Zekic (@antoniozekic) Intel Graphics Driver Available for: macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative Kernel Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg) Kernel Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero libresolv Available for: macOS Catalina Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team LibreSSL Available for: macOS Catalina Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2022-0778 libxml2 Available for: macOS Catalina Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308 OpenSSL Available for: macOS Catalina Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2022-26727: Mickey Jin (@patch1t) Printing Available for: macOS Catalina Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2022-26746: @gorelics Security Available for: macOS Catalina Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de) SMB Available for: macOS Catalina Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs SoftwareUpdate Available for: macOS Catalina Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2022-26728: Mickey Jin (@patch1t) TCC Available for: macOS Catalina Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks. CVE-2022-26726: an anonymous researcher Tcl Available for: macOS Catalina Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2022-26755: Arsenii Kostromin (0x3c3e) WebKit Available for: macOS Catalina Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com) Wi-Fi Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-26761: Wang Yu of Cyberserval zip Available for: macOS Catalina Impact: Processing a maliciously crafted file may lead to a denial of service Description: A denial of service issue was addressed with improved state handling. CVE-2022-0530 zlib Available for: macOS Catalina Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-25032: Tavis Ormandy zsh Available for: macOS Catalina Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed by updating to zsh version 5.8.1. CVE-2021-45444 Additional recognition PackageKit We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance. Security Update 2022-004 Catalina may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TYACgkQeC9qKD1p rhjgGRAAggg84uE4zYtBHmo5Qz45wlY/+FT7bSyCyo2Ta0m3JQmm26UiS9ZzXlD0 58jCo/ti+gH/gqwU05SnaG88pSMT6VKaDDnmw8WcrPtbl6NN6JX8vaZLFLoGO0dB rjwap7ulcLe7/HM8kCz3qqjKj4fusxckCjmm5yBMtuMklq7i51vzkT/+ws00ALcH 4S821CqIJlS2RIho/M/pih5A/H1Onw/nzKc7VOWjWMmmwoV+oiL4gMPE9kyIAJFQ NcZO7s70Qp9N5Z0VGIkD5HkAntEqYGNKJuCQUrHS0fHFUxVrQcuBbbSiv7vwnOT0 NVcFKBQWJtfcqmtcDF8mVi2ocqUh7So6AXhZGZtL3CrVfNMgTcjq6y5XwzXMgwlm ezMX73MnV91QuGp6KVZEmoFNlJ2dhKcJ0fYAhhW9DJqvJ1u5xIkQrUkK/ERLnWpE 9DIapT8uUbb9Zgez/tS9szv5jHhKtOoPbprju7d7LHw7XMFCVKbUvx745dFZx0AG PLsJZQNsQZJIK8QdcLA50KrlyjR2ts4nUsKj07I6LR4wUmcaj+goXYq4Nh4WLnoF x1AXD5ztdYlhqMcTAnuAbUYfuki0uzSy0p7wBiTknFwKMZNIaiToo64BES+7Iu1i vrB9SdtTSQCMXgPZX1Al1e2F/K2ubovrGU9geAEwLMq3AKudI4g= =JBHs -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2022-26727 // JVNDB: JVNDB-2022-011159 // VULHUB: VHN-417396 // VULMON: CVE-2022-26727 // PACKETSTORM: 167189

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.4

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011159 // NVD: CVE-2022-26727

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26727
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-26727
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202205-3419
value: MEDIUM

Trust: 0.6

VULHUB: VHN-417396
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-26727
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-417396
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-26727
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-26727
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-417396 // JVNDB: JVNDB-2022-011159 // CNNVD: CNNVD-202205-3419 // NVD: CVE-2022-26727

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-011159 // NVD: CVE-2022-26727

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3419

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202205-3419

PATCH

title:HT213255 Apple  Security updateurl:https://support.apple.com/en-us/HT213255

Trust: 0.8

title:Apple macOS Catalina Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195197

Trust: 0.6

title:Apple: macOS Monterey 12.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619

Trust: 0.1

sources: VULMON: CVE-2022-26727 // JVNDB: JVNDB-2022-011159 // CNNVD: CNNVD-202205-3419

EXTERNAL IDS

db:NVDid:CVE-2022-26727

Trust: 3.5

db:PACKETSTORMid:167189

Trust: 0.8

db:JVNDBid:JVNDB-2022-011159

Trust: 0.8

db:AUSCERTid:ESB-2022.2411

Trust: 0.6

db:CS-HELPid:SB2022051703

Trust: 0.6

db:CNNVDid:CNNVD-202205-3419

Trust: 0.6

db:VULHUBid:VHN-417396

Trust: 0.1

db:VULMONid:CVE-2022-26727

Trust: 0.1

sources: VULHUB: VHN-417396 // VULMON: CVE-2022-26727 // JVNDB: JVNDB-2022-011159 // PACKETSTORM: 167189 // CNNVD: CNNVD-202205-3419 // NVD: CVE-2022-26727

REFERENCES

url:https://support.apple.com/en-us/ht213255

Trust: 2.3

url:https://support.apple.com/en-us/ht213257

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-26727

Trust: 0.9

url:https://www.cybersecurity-help.cz/vdb/sb2022051703

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26727/

Trust: 0.6

url:https://packetstormsecurity.com/files/167189/apple-security-advisory-2022-05-16-4.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2411

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-38381

Trust: 0.6

url:https://support.apple.com/kb/ht213257

Trust: 0.1

url:https://support.apple.com/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22721

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-23308

Trust: 0.1

url:https://support.apple.com/ht213255.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22589

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22663

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26726

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-44790

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22674

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26714

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0530

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-44224

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26698

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26728

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26697

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26748

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26721

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-45444

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26720

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22720

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22665

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26715

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26722

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26746

Trust: 0.1

url:https://support.apple.com/en-us/ht201222.

Trust: 0.1

sources: VULHUB: VHN-417396 // VULMON: CVE-2022-26727 // JVNDB: JVNDB-2022-011159 // PACKETSTORM: 167189 // CNNVD: CNNVD-202205-3419 // NVD: CVE-2022-26727

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 167189

SOURCES

db:VULHUBid:VHN-417396
db:VULMONid:CVE-2022-26727
db:JVNDBid:JVNDB-2022-011159
db:PACKETSTORMid:167189
db:CNNVDid:CNNVD-202205-3419
db:NVDid:CVE-2022-26727

LAST UPDATE DATE

2024-08-14T12:54:56.303000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-417396date:2022-06-07T00:00:00
db:JVNDBid:JVNDB-2022-011159date:2023-08-21T00:46:00
db:CNNVDid:CNNVD-202205-3419date:2022-06-08T00:00:00
db:NVDid:CVE-2022-26727date:2022-06-07T21:14:26.380

SOURCES RELEASE DATE

db:VULHUBid:VHN-417396date:2022-05-26T00:00:00
db:JVNDBid:JVNDB-2022-011159date:2023-08-21T00:00:00
db:PACKETSTORMid:167189date:2022-05-17T16:59:55
db:CNNVDid:CNNVD-202205-3419date:2022-05-16T00:00:00
db:NVDid:CVE-2022-26727date:2022-05-26T19:15:08.817