KEVIntel
Back to KEVs
5.5
CVSS
Medium

CVE-2022-22674

PUBLISHED

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is...

Exploited in the wild Low complexity No user interaction
Vendor
Apple
Product
macOS
Published
May 26, 2022
EPSS

Description

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.

macos cisa

CVSS scores

CVSS v3.1 5.5 Medium

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0 4.9

AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitation status

Exploited in the wild

Recorded 2022-04-04 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Apr 04, 2022

Timeline

  • CVE ID Reserved

  • Added to KEVIntel

  • CVE Published to Public