VYPR
Unrated severity · NVD Advisory · Published Sep 23, 2022 · Updated May 22, 2025

CVE-2022-32799

Description

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An out-of-bounds read, fixed in macOS Monterey 12.5 and Security Update 2022-005 Catalina, could allow an attacker in a privileged network position to leak sensitive information.

Vulnerability

CVE-2022-32799 is an out-of-bounds read issue affecting macOS Monterey versions before 12.5 and macOS Catalina before Security Update 2022-005. The vulnerability resides in a component that parses network traffic; insufficient bounds checking allows reads beyond the intended buffer boundaries. The issue is fixed in macOS Monterey 12.5 and Security Update 2022-005 Catalina [1][2].

Exploitation

Exploitation requires that the attacker be in a privileged network position (e.g., on the same subnet or able to perform man-in-the-middle attacks). The attacker can craft a malicious network packet that triggers the out-of-bounds read when processed by the vulnerable component on the target system. No user interaction is needed beyond the target receiving the packet over the network.

Impact

Successful exploitation may leak sensitive information from kernel or system memory, as stated in the official description: "A user in a privileged network position may be able to leak sensitive information." The exact nature of the leaked data is not specified, but it could include cryptographic keys, credentials, or other confidential data that an attacker could use to further compromise the system.

Mitigation

Apple released fixes on July 20, 2022, in macOS Monterey 12.5 and Security Update 2022-005 for Catalina. Users should update to the latest available version. There is no known workaround. The vulnerability was not listed in CISA's Known Exploited Vulnerabilities catalog as of publication.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 3

References: 2
