CVE-2022-32831
First published: Wed Jul 20 2022(Updated: )
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
Credit: Ye Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu Security product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Catalina | ||
| Apple macOS Big Sur | <11.6.8 | 11.6.8 |
| <12.5 | 12.5 | |
| Apple Mac OS X | =10.15.7-security_update_2020-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-002 | |
| Apple Mac OS X | =10.15.7-security_update_2021-003 | |
| Apple Mac OS X | =10.15.7-security_update_2021-004 | |
| Apple Mac OS X | =10.15.7-security_update_2021-005 | |
| Apple Mac OS X | =10.15.7-security_update_2021-006 | |
| Apple Mac OS X | =10.15.7-security_update_2021-007 | |
| Apple Mac OS X | =10.15.7-security_update_2021-008 | |
| Apple Mac OS X | =10.15.7-security_update_2022-001 | |
| Apple Mac OS X | =10.15.7-security_update_2022-002 | |
| Apple Mac OS X | =10.15.7-security_update_2022-003 | |
| Apple macOS | <10.15.7 | |
| Apple macOS | >=11.0<11.6.8 | |
| Apple macOS | >=12.0<12.5 | |
| Apple macOS | =10.15.7 | |
| Apple macOS | =10.15.7-security_update_2022-004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32832
- CVE-2022-32826
- CVE-2022-32797
- CVE-2022-32853
- CVE-2022-32851
- CVE-2022-32831
- CVE-2022-32910
- CVE-2022-32820
- CVE-2022-32805
- CVE-2022-32849
- CVE-2022-32839
- CVE-2022-32781
- CVE-2022-32819
- CVE-2022-32787
- CVE-2022-32785
- CVE-2022-32812
- CVE-2022-32811
- CVE-2022-32815
- CVE-2022-32813
- CVE-2021-30946
- CVE-2022-32823
- CVE-2022-32786
- CVE-2022-32800
- CVE-2022-32838
- CVE-2022-32843
- CVE-2022-32842
- CVE-2022-32799
- CVE-2022-32857
- CVE-2022-32807
- CVE-2022-26704
- CVE-2022-32834
- CVE-2021-4136
- CVE-2021-4166
- CVE-2021-4173
- CVE-2021-4187
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-46059
- CVE-2022-0128
- CVE-2022-32860
- CVE-2022-32837
- CVE-2022-32847
- CVE-2022-32825
- CVE-2022-32814
- CVE-2022-0156
- CVE-2022-0158
- CVE-2022-32848
- CVE-2022-42858
- CVE-2022-32788
- CVE-2022-32880
- CVE-2022-42805
- CVE-2022-32948
- CVE-2022-32810
- CVE-2022-32840
- CVE-2022-32845
- CVE-2022-48578
- CVE-2022-32852
- CVE-2022-32789
- CVE-2022-32828
- CVE-2022-32793
- CVE-2022-32821
- CVE-2022-32897
- CVE-2022-32802
- CVE-2022-32841
- CVE-2022-48503
- CVE-2022-32817
- CVE-2022-32829
- CVE-2022-26981
- CVE-2022-46708
- CVE-2022-32796
- CVE-2022-32798
- CVE-2022-32818
- CVE-2022-32801
- CVE-2021-28544
- CVE-2022-24070
- CVE-2022-29046
- CVE-2022-29048
- CVE-2022-32933
- CVE-2022-32885
- CVE-2022-32861
- CVE-2022-32863
- CVE-2022-32816
- CVE-2022-32792
- CVE-2022-2294
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-32831.
What is the description of this vulnerability?
The vulnerability involves an out-of-bounds read issue in AppleScript, which has been addressed with improved bounds checking.
Which software versions are affected by this vulnerability?
The vulnerability affects Apple Catalina, macOS Big Sur (up to exclusive version 11.6.8), and macOS Monterey (up to exclusive version 12.5).
How can I fix this vulnerability?
To fix this vulnerability, update your Apple software to the latest version. For specific instructions, refer to the provided Apple support links.
Where can I find additional information about this vulnerability?
You can find additional information about this vulnerability on Apple's official support page. The links are provided in the references.
- collector/apple-support
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/references
- source/Apple
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/trending
- vendor/apple
- canonical/apple catalina
- canonical/apple mac os x
- version/apple mac os x/10.15.7-security_update_2020-001
- version/apple mac os x/10.15.7-security_update_2021-001
- version/apple mac os x/10.15.7-security_update_2021-002
- version/apple mac os x/10.15.7-security_update_2021-003
- version/apple mac os x/10.15.7-security_update_2021-004
- version/apple mac os x/10.15.7-security_update_2021-005
- version/apple mac os x/10.15.7-security_update_2021-006
- version/apple mac os x/10.15.7-security_update_2021-007
- version/apple mac os x/10.15.7-security_update_2021-008
- version/apple mac os x/10.15.7-security_update_2022-001
- version/apple mac os x/10.15.7-security_update_2022-002
- version/apple mac os x/10.15.7-security_update_2022-003
- canonical/apple macos
- version/apple macos/11.0
- version/apple macos/12.0
- version/apple macos/10.15.7
- version/apple macos/10.15.7-security_update_2022-004
- canonical/apple macos big sur
- canonical/apple macos monterey