CVE-2022-46706
Description
A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A type confusion vulnerability in macOS kernel allows an application to execute arbitrary code with kernel privileges; fixed in macOS Monterey 12.3, Big Sur 11.6.5, and Catalina Security Update 2022-003.
Vulnerability
A type confusion issue exists in the macOS kernel, addressed with improved state handling. This flaw affects macOS Big Sur before 11.6.5, macOS Monterey before 12.3, and macOS Catalina before Security Update 2022-003 [1][2][3].
Exploitation
An attacker with the ability to run a crafted application on the target system could exploit the type confusion. No additional user interaction beyond launching the application is required; the attacker must have local code execution access to trigger the vulnerability.
Impact
Successful exploitation allows the application to execute arbitrary code with kernel privileges, granting full system compromise including complete control over memory, processes, and data.
Mitigation
Apple released fixes for this issue on March 14, 2022, in macOS Monterey 12.3, macOS Big Sur 11.6.5, and Security Update 2022-003 for Catalina [1][2][3]. Users should update to these versions or later. No workarounds are documented.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5- Range: <10.15.7
- Range: <11.6.5
- Range: <12.3
- Range: unspecified
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.