What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2022-26707.

What is the affected software?

The affected software is macOS Monterey version up to and excluding 12.4.

What was the issue with AppleMobileFileIntegrity?

The issue in AppleMobileFileIntegrity was related to the handling of environment variables.

How was the issue addressed?

The issue was addressed by implementing improved validation.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the Apple support website. (Reference: [https://support.apple.com/en-us/HT213257](https://support.apple.com/en-us/HT213257))

Vulnerability/
CVE-2022-26707

medium

5.5

CWE

16/5/2022

23/9/2022

31/10/2023

CVE-2022-26707: Input Validation

First published: Mon May 16 2022(Updated: )

AppleMobileFileIntegrity. An issue in the handling of environment variables was addressed with improved validation.

Credit: Wojciech Reguła @_r3ggi SecuRing product-security@apple.com

Affected Software	Affected Version	How to fix
	<12.4	12.4
Apple macOS	>=12.0.0<12.4

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213257 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

HT213257

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-26772
CVE-2022-26741
CVE-2022-26742
CVE-2022-26749
CVE-2022-26750
CVE-2022-26752
CVE-2022-26753
CVE-2022-26754
CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-26751
CVE-2022-26707
CVE-2022-26697
CVE-2022-26698
CVE-2022-26736
CVE-2022-26737
CVE-2022-26738
CVE-2022-26739
CVE-2022-26740
CVE-2022-32783
CVE-2022-26694
CVE-2022-26721
CVE-2022-26722
CVE-2022-26763
CVE-2022-32781
CVE-2022-26711
CVE-2022-26725
CVE-2022-26720
CVE-2022-26769
CVE-2022-26770
CVE-2022-26748
CVE-2022-26756
CVE-2022-26701
CVE-2022-26768
CVE-2022-26758
CVE-2022-26743
CVE-2022-26714
CVE-2022-26757
CVE-2022-26764
CVE-2022-26765
CVE-2022-26706
CVE-2022-26767
CVE-2022-32882
CVE-2022-32790
CVE-2022-26776
CVE-2022-26708
CVE-2022-26775
CVE-2022-0778
CVE-2022-23308
CVE-2022-48575
CVE-2022-32794
CVE-2022-22617
CVE-2022-26712
CVE-2022-26727
CVE-2022-32782
CVE-2022-26693
CVE-2022-26746
CVE-2022-26731
CVE-2022-26766
CVE-2022-26715
CVE-2022-26718
CVE-2022-26723
CVE-2022-26728
CVE-2022-26704
CVE-2022-42857
CVE-2022-26726
CVE-2022-26755
CVE-2022-26696
CVE-2022-26700
CVE-2022-26709
CVE-2022-26710
CVE-2022-26717
CVE-2022-26716
CVE-2022-26719
CVE-2022-22677
CVE-2022-26745
CVE-2022-26761
CVE-2022-26762
CVE-2022-0530
CVE-2018-25032
CVE-2021-45444

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2022-26707.
What is the affected software?
The affected software is macOS Monterey version up to and excluding 12.4.
What was the issue with AppleMobileFileIntegrity?
The issue in AppleMobileFileIntegrity was related to the handling of environment variables.
How was the issue addressed?
The issue was addressed by implementing improved validation.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Apple support website. (Reference: [https://support.apple.com/en-us/HT213257](https://support.apple.com/en-us/HT213257))

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/apple-support
source/Apple
agent/software-canonical-lookup
collector/nvd-index
vendor/apple
canonical/apple macos monterey
canonical/apple macos
version/apple macos/12.0.0