First published: Mon Sep 12 2022(Updated: )
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.
Credit: Csaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive Security product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Big Sur | <11.7 | 11.7 |
<12.6 | 12.6 | |
Apple iOS | <16 | 16 |
Apple watchOS | <9 | 9 |
Apple tvOS | <16 | 16 |
<13 | 13 | |
Apple macOS | >=11.0<11.7 | |
Apple macOS | >=12.0.0<12.6 | |
Apple tvOS | <16.0 | |
Apple watchOS | <9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2022-32881 is a vulnerability related to a logic issue in Apple products such as macOS Monterey, macOS Big Sur, iOS, tvOS, and watchOS.
CVE-2022-32881 can potentially be exploited to bypass certain security restrictions in affected Apple products.
macOS Monterey (up to version 12.6) and macOS Big Sur (up to version 11.7) are affected by CVE-2022-32881.
iOS (up to version 16), tvOS (up to version 16), and watchOS (up to version 9) are affected by CVE-2022-32881.
Apple has released updates (such as macOS Monterey 12.6, macOS Big Sur 11.7, iOS 16, tvOS 16) that address CVE-2022-32881. It is recommended to install the latest updates from Apple.