CVE-2022-42793

Summary

An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 13affected
ApplemacOSunspecified < 16affected
ApplemacOSunspecified < 11.7affected
ApplemacOSunspecified < 15.7affected
ApplemacOSunspecified < 12.6affected

Weaknesses

  • An app may be able to bypass code signing checks

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References