CVE-2022-26688

Summary

An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 12.3affected
ApplemacOSunspecified < 11.6affected
ApplemacOSunspecified < 2022affected

Weaknesses

  • A malicious app with root privileges may be able to modify the contents of system files

ADP Enrichment

CVE Program Container

Additional References

References