CVE-2022-22676
MEDIUM | Platform: macOS | Changelog
CVE Details
Description
An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 5.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/HT213054 (Release Notes, Vendor Advisory)