CVE-2022-42793
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | macOS | unspecified < 13 | affected |
| Apple | macOS | unspecified < 16 | affected |
| Apple | macOS | unspecified < 11.7 | affected |
| Apple | macOS | unspecified < 15.7 | affected |
| Apple | macOS | unspecified < 12.6 | affected |
Weaknesses
- An app may be able to bypass code signing checks
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/en-us/HT213446
- https://support.apple.com/en-us/HT213443
- https://support.apple.com/en-us/HT213445
- https://support.apple.com/en-us/HT213444
- https://support.apple.com/en-us/HT213488
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://support.apple.com/en-us/HT213446
- https://support.apple.com/en-us/HT213443
- https://support.apple.com/en-us/HT213445
- https://support.apple.com/en-us/HT213444
- https://support.apple.com/en-us/HT213488
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.