What is CVE-2022-26728?

CVE-2022-26728 is a vulnerability in SoftwareUpdate that has been addressed with improved entitlements.

Which software versions are affected by CVE-2022-26728?

CVE-2022-26728 affects Apple macOS Catalina, macOS Big Sur (up to version 11.6.6), and macOS Monterey (up to version 12.4).

How can I fix CVE-2022-26728?

To fix CVE-2022-26728, ensure that you have the latest version of macOS installed, which includes the necessary improvements for addressing this vulnerability.

Where can I find more information about CVE-2022-26728?

You can find more information about CVE-2022-26728 on the Apple support page: https://support.apple.com/en-us/HT213257

Vulnerability/
CVE-2022-26728

medium

5.5

16/5/2022

26/5/2022

11/12/2023

CVE-2022-26728

First published: Mon May 16 2022(Updated: )

SoftwareUpdate. This issue was addressed with improved entitlements.

Credit: Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t product-security@apple.com

Affected Software	Affected Version	How to fix
Apple Catalina
Apple macOS Big Sur	<11.6.6	11.6.6
	<12.4	12.4
Apple Mac OS X	>=10.15<10.15.7
Apple Mac OS X	=10.15.7
Apple Mac OS X	=10.15.7-security_update_2020-001
Apple Mac OS X	=10.15.7-security_update_2021-001
Apple Mac OS X	=10.15.7-security_update_2021-002
Apple Mac OS X	=10.15.7-security_update_2021-003
Apple Mac OS X	=10.15.7-security_update_2021-004
Apple Mac OS X	=10.15.7-security_update_2021-005
Apple Mac OS X	=10.15.7-security_update_2021-006
Apple Mac OS X	=10.15.7-security_update_2021-007
Apple Mac OS X	=10.15.7-security_update_2021-008
Apple Mac OS X	=10.15.7-security_update_2022-001
Apple Mac OS X	=10.15.7-security_update_2022-002
Apple Mac OS X	=10.15.7-security_update_2022-003
Apple macOS	>=11.0<11.6.6
Apple macOS	>=12.0<12.4

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213255 (Advisory)
https://support.apple.com/en-us/HT213256 (Advisory)
https://support.apple.com/en-us/HT213257 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-22665
CVE-2022-22630
CVE-2022-26751
CVE-2022-26697
CVE-2022-26698
CVE-2022-22663
CVE-2022-26721
CVE-2022-26722
CVE-2022-26763
CVE-2022-22674
CVE-2022-26720
CVE-2022-26770
CVE-2022-26756
CVE-2022-26769
CVE-2022-26748
CVE-2022-26714
CVE-2022-26757
CVE-2022-32790
CVE-2022-26775
CVE-2022-0778
CVE-2022-23308
CVE-2022-32794
CVE-2022-26727
CVE-2022-26746
CVE-2022-26766
CVE-2022-26715
CVE-2022-26728
CVE-2022-26726
CVE-2022-26755
CVE-2022-22589
CVE-2022-26761
CVE-2022-0530
CVE-2018-25032
CVE-2021-45444
CVE-2022-22675
CVE-2022-26768
CVE-2021-30946
CVE-2022-26767
CVE-2022-26706
CVE-2022-32882
CVE-2022-26776
CVE-2022-26712
CVE-2022-26731
CVE-2022-26718
CVE-2022-26723
CVE-2021-4136
CVE-2021-4166
CVE-2021-4173
CVE-2021-4187
CVE-2021-4192
CVE-2021-4193
CVE-2021-46059
CVE-2022-0128
CVE-2022-26745
CVE-2022-26772
CVE-2022-26741
CVE-2022-26742
CVE-2022-26749
CVE-2022-26750
CVE-2022-26752
CVE-2022-26753
CVE-2022-26754
CVE-2022-26707
CVE-2022-26736
CVE-2022-26737
CVE-2022-26738
CVE-2022-26739
CVE-2022-26740
CVE-2022-32783
CVE-2022-26694
CVE-2022-32781
CVE-2022-26711
CVE-2022-26725
CVE-2022-26701
CVE-2022-26758
CVE-2022-26743
CVE-2022-26764
CVE-2022-26765
CVE-2022-26708
CVE-2022-48575
CVE-2022-22617
CVE-2022-32782
CVE-2022-26693
CVE-2022-26704
CVE-2022-42857
CVE-2022-26696
CVE-2022-26700
CVE-2022-26709
CVE-2022-26710
CVE-2022-26717
CVE-2022-26716
CVE-2022-26719
CVE-2022-22677
CVE-2022-26762

Frequently Asked Questions

What is CVE-2022-26728?
CVE-2022-26728 is a vulnerability in SoftwareUpdate that has been addressed with improved entitlements.
Which software versions are affected by CVE-2022-26728?
CVE-2022-26728 affects Apple macOS Catalina, macOS Big Sur (up to version 11.6.6), and macOS Monterey (up to version 12.4).
How can I fix CVE-2022-26728?
To fix CVE-2022-26728, ensure that you have the latest version of macOS installed, which includes the necessary improvements for addressing this vulnerability.
Where can I find more information about CVE-2022-26728?
You can find more information about CVE-2022-26728 on the Apple support page: https://support.apple.com/en-us/HT213257

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
collector/apple-support
source/Apple
agent/software-canonical-lookup-request
agent/software-canonical-lookup
collector/nvd-index
vendor/apple
canonical/apple catalina
canonical/apple macos big sur
canonical/apple macos monterey
canonical/apple mac os x
version/apple mac os x/10.15
version/apple mac os x/10.15.7
version/apple mac os x/10.15.7-security_update_2020-001
version/apple mac os x/10.15.7-security_update_2021-001
version/apple mac os x/10.15.7-security_update_2021-002
version/apple mac os x/10.15.7-security_update_2021-003
version/apple mac os x/10.15.7-security_update_2021-004
version/apple mac os x/10.15.7-security_update_2021-005
version/apple mac os x/10.15.7-security_update_2021-006
version/apple mac os x/10.15.7-security_update_2021-007
version/apple mac os x/10.15.7-security_update_2021-008
version/apple mac os x/10.15.7-security_update_2022-001
version/apple mac os x/10.15.7-security_update_2022-002
version/apple mac os x/10.15.7-security_update_2022-003
canonical/apple macos
version/apple macos/11.0
version/apple macos/12.0