Unrated severityNVD Advisory· Published May 26, 2022· Updated Aug 3, 2024

CVE-2022-26715

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An out-of-bounds write in macOS kernel allows an application to gain elevated privileges; fixed in macOS Monterey 12.4, Big Sur 11.6.6, and Security Update 2022-004.

Vulnerability

An out-of-bounds write vulnerability exists in the macOS kernel. The issue is addressed with improved bounds checking. Affected versions: macOS Monterey before 12.4, macOS Big Sur before 11.6.6, and macOS Catalina before Security Update 2022-004. [1]

Exploitation

An attacker would need to have the ability to run an application on the affected system. No additional privileges are required initially. The application can trigger the out-of-bounds write by sending crafted input to the kernel. The exact exploitation steps are not publicly disclosed.

Impact

Successful exploitation could allow an application to gain elevated privileges, potentially executing arbitrary code with kernel privileges. This could lead to full system compromise. [1]

Mitigation

Apple has released fixes in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 for Catalina, all released on May 16, 2022. Users should update to the latest version. No workarounds are available. [1]

References

About the security content of macOS Monterey 12.4 - Apple Support

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./macOS Big Surllm-fuzzy
Range: <11.6.6
Apple Inc./macOS Montereyllm-fuzzy
Range: <12.4
Apple Inc./macOSv5
Range: unspecified
Apple Inc./Security Update 2021-008 Catalinacpe-rescue
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT213255mitrex_refsource_MISC
support.apple.com/en-us/HT213256mitrex_refsource_MISC
support.apple.com/en-us/HT213257mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000