Unrated severity · NVD Advisory · Published May 26, 2022 · Updated Aug 3, 2024

CVE-2022-26755

Description

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A malicious application can break out of its sandbox on macOS due to insufficient environment sanitization.

Vulnerability

CVE-2022-26755 is a sandbox escape vulnerability in macOS. The issue arises from insufficient sanitization of the process environment, allowing a malicious application to break out of its sandbox restrictions. It is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 for Catalina, where it was addressed with improved environment sanitization [1].

Exploitation

An attacker must first have the ability to run a malicious application on the target system, such as through social engineering or by exploiting another vulnerability to install code. No additional user interaction beyond launching the application is required. The malicious application can then exploit the insufficient environment sanitization to escape the sandbox restrictions, gaining broader access to system resources.

Impact

Successful exploitation allows the malicious application to break out of its sandbox, potentially gaining the ability to read, write, or execute code outside the sandbox boundaries. This can lead to unauthorized access to user data, system files, or other applications, compromising the confidentiality and integrity of the system. The attacker gains the privilege level of the user running the application, but with the ability to operate outside the sandbox constraints.

Mitigation

Apple released fixes on May 16, 2022, in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 for Catalina. Users should apply the updates via Software Update or the Apple Support downloads. No workarounds are documented [1][2][3].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

References

3
