CVE-2022-32800

Vulnerability

CVE-2022-32800 is a logic issue in macOS file system protections that allows an app to modify protected parts of the file system. The vulnerability affects macOS Monterey before version 12.5, macOS Big Sur before version 11.6.8, and macOS Catalina before Security Update 2022-005 [1][2][3]. The issue was addressed with improved checks.

Exploitation

An attacker requires the ability to run an app on the affected system. No additional privileges or user interaction beyond launching the app are specified. The exact exploitation steps are not publicly detailed, but the vulnerability likely involves bypassing system integrity checks to write to protected file system locations.

Impact

Successful exploitation allows an app to modify protected parts of the file system, which could lead to privilege escalation, system instability, or compromise of system integrity. The impact is limited to file system modification; the description does not indicate code execution or data disclosure.

Mitigation

Apple fixed this issue in macOS Monterey 12.5, macOS Big Sur 11.6.8, and Security Update 2022-005 for macOS Catalina, all released on July 20, 2022 [1][2][3]. Users should update to the latest available version for their macOS release. No workarounds have been published.