ID

VAR-202205-1360


CVE

CVE-2022-26776


TITLE

macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011244

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // VULHUB: VHN-417445 // VULMON: CVE-2022-26776

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:11.6.6

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0.0

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.4

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:11.0 that's all 11.6.6

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:12.0.0 that's all 12.4

Trust: 0.8

sources: JVNDB: JVNDB-2022-011244 // NVD: CVE-2022-26776

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26776
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-26776
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202205-3412
value: CRITICAL

Trust: 0.6

VULHUB: VHN-417445
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-26776
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-417445
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-26776
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-26776
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-417445 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-011244 // NVD: CVE-2022-26776

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-3412

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202205-3412

PATCH

title:HT213256 Apple  Security updateurl:https://support.apple.com/en-us/HT213256

Trust: 0.8

title:Apple macOS Monterey Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195345

Trust: 0.6

title:Apple: macOS Monterey 12.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619

Trust: 0.1

sources: VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412

EXTERNAL IDS

db:NVDid:CVE-2022-26776

Trust: 3.4

db:JVNDBid:JVNDB-2022-011244

Trust: 0.8

db:AUSCERTid:ESB-2022.2412

Trust: 0.6

db:CS-HELPid:SB2022051701

Trust: 0.6

db:CNNVDid:CNNVD-202205-3412

Trust: 0.6

db:VULHUBid:VHN-417445

Trust: 0.1

db:VULMONid:CVE-2022-26776

Trust: 0.1

sources: VULHUB: VHN-417445 // VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

REFERENCES

url:https://support.apple.com/en-us/ht213256

Trust: 2.3

url:https://support.apple.com/kb/ht213253

Trust: 1.7

url:https://support.apple.com/kb/ht213254

Trust: 1.7

url:https://support.apple.com/kb/ht213258

Trust: 1.7

url:https://support.apple.com/en-us/ht213257

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-26776

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022051701

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26776/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2412

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-38381

Trust: 0.6

url:https://support.apple.com/kb/ht213257

Trust: 0.1

sources: VULHUB: VHN-417445 // VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

SOURCES

db:VULHUBid:VHN-417445
db:VULMONid:CVE-2022-26776
db:JVNDBid:JVNDB-2022-011244
db:CNNVDid:CNNVD-202205-3412
db:NVDid:CVE-2022-26776

LAST UPDATE DATE

2024-08-14T13:18:31.916000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-417445date:2022-06-23T00:00:00
db:JVNDBid:JVNDB-2022-011244date:2023-08-21T06:20:00
db:CNNVDid:CNNVD-202205-3412date:2022-06-24T00:00:00
db:NVDid:CVE-2022-26776date:2022-06-23T17:15:12.540

SOURCES RELEASE DATE

db:VULHUBid:VHN-417445date:2022-05-26T00:00:00
db:JVNDBid:JVNDB-2022-011244date:2023-08-21T00:00:00
db:CNNVDid:CNNVD-202205-3412date:2022-05-16T00:00:00
db:NVDid:CVE-2022-26776date:2022-05-26T20:15:10.177