Details of VAR-202205-1360

ID

VAR-202205-1360

CVE

CVE-2022-26776

TITLE

macOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011244

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // VULHUB: VHN-417445 // VULMON: CVE-2022-26776

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	lt	version:	11.6.6	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	12.0.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	12.4	Trust: 1.0
vendor:	アップル	model:	macos	scope:	eq	version:	11.0 that's all 11.6.6	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	eq	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	eq	version:	12.0.0 that's all 12.4	Trust: 0.8

sources: JVNDB: JVNDB-2022-011244 // NVD: CVE-2022-26776

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-26776
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2022-26776
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202205-3412
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-417445
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2022-26776
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-417445
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-26776
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-26776
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-417445 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-011244 // NVD: CVE-2022-26776

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-3412

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202205-3412

PATCH

title:	HT213256 Apple Security update	url:	https://support.apple.com/en-us/HT213256	Trust: 0.8
title:	Apple macOS Monterey Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195345	Trust: 0.6
title:	Apple: macOS Monterey 12.4	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619	Trust: 0.1

sources: VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412

EXTERNAL IDS

db:	NVD	id:	CVE-2022-26776	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-011244	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.2412	Trust: 0.6
db:	CS-HELP	id:	SB2022051701	Trust: 0.6
db:	CNNVD	id:	CNNVD-202205-3412	Trust: 0.6
db:	VULHUB	id:	VHN-417445	Trust: 0.1
db:	VULMON	id:	CVE-2022-26776	Trust: 0.1

sources: VULHUB: VHN-417445 // VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

REFERENCES

url:	https://support.apple.com/en-us/ht213256	Trust: 2.3
url:	https://support.apple.com/kb/ht213253	Trust: 1.7
url:	https://support.apple.com/kb/ht213254	Trust: 1.7
url:	https://support.apple.com/kb/ht213258	Trust: 1.7
url:	https://support.apple.com/en-us/ht213257	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26776	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022051701	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-26776/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.2412	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-38381	Trust: 0.6
url:	https://support.apple.com/kb/ht213257	Trust: 0.1

sources: VULHUB: VHN-417445 // VULMON: CVE-2022-26776 // JVNDB: JVNDB-2022-011244 // CNNVD: CNNVD-202205-3412 // NVD: CVE-2022-26776

SOURCES

db:	VULHUB	id:	VHN-417445
db:	VULMON	id:	CVE-2022-26776
db:	JVNDB	id:	JVNDB-2022-011244
db:	CNNVD	id:	CNNVD-202205-3412
db:	NVD	id:	CVE-2022-26776

LAST UPDATE DATE

2024-08-14T13:18:31.916000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-417445	date:	2022-06-23T00:00:00
db:	JVNDB	id:	JVNDB-2022-011244	date:	2023-08-21T06:20:00
db:	CNNVD	id:	CNNVD-202205-3412	date:	2022-06-24T00:00:00
db:	NVD	id:	CVE-2022-26776	date:	2022-06-23T17:15:12.540

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-417445	date:	2022-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2022-011244	date:	2023-08-21T00:00:00
db:	CNNVD	id:	CNNVD-202205-3412	date:	2022-05-16T00:00:00
db:	NVD	id:	CVE-2022-26776	date:	2022-05-26T20:15:10.177