CVE-2022-26722
Description
A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory initialization issue in macOS allows a malicious application to gain root privileges. Fixed in macOS Monterey 12.4, Big Sur 11.6.6, and Security Update 2022-004 Catalina.
Vulnerability
CVE-2022-26722 is a memory initialization issue in macOS that may allow a malicious application to gain root privileges. The vulnerability exists in unspecified system components and was addressed in macOS Monterey 12.4 [1], macOS Big Sur 11.6.6 [2], and Security Update 2022-004 Catalina [3]. The issue stems from improper memory initialization, which can be leveraged to corrupt kernel memory and escalate privileges.
Exploitation
Exploitation requires a malicious application running on the local system. The attacker does not need elevated privileges initially; a standard user-level application can trigger the vulnerability. The exact exploitation steps are not disclosed by Apple, but the flaw can be triggered by a crafted application that exploits the memory initialization issue to achieve code execution with root privileges.
Impact
Successful exploitation allows an attacker to execute arbitrary code with kernel privileges, effectively gaining full control over the affected macOS system. The impact is complete compromise of confidentiality, integrity, and availability.
Mitigation
Apple released fixes on May 16, 2022, in macOS Monterey 12.4 [1], macOS Big Sur 11.6.6 [2], and Security Update 2022-004 Catalina [3]. Users should update to the patched versions immediately. No workarounds are provided by Apple. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <11.6.6
- Range: <12.4
- Range: unspecified
- Range: unspecified
Patches
No patches discovered yet.
References
- support.apple.com/en-us/HT213255 (mitre, x_refsource_MISC)
- support.apple.com/en-us/HT213256 (mitre, x_refsource_MISC)
- support.apple.com/en-us/HT213257 (mitre, x_refsource_MISC)