CVSS: 8.8EPSS: 0%CPEs: 25EXPL: 0CVE-2021-3187
https://notcve.org/view.php?id=CVE-2021-3187
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.) Se descubrió un problema en BeyondTrust Privilege Management para Mac anterior a la versión 5.7. Un usuario autenticado y sin privilegios puede elevar sus privilegios ejecutando un script malicioso (que se ejecuta como raíz desde un directorio temporal) durante el tiempo de instalación. • https://www.beyondtrust.com/docs/release-notes/privilege-management/index.htm https://www.beyondtrust.com/trust-center/security-advisories/bt22-06 •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32794
https://notcve.org/view.php?id=CVE-2022-32794
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to gain elevated privileges. Se abordó una cuestión de lógica con una mejor gestión estatal. Este problema se solucionó en la Actualización de seguridad 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2022-32910
https://notcve.org/view.php?id=CVE-2022-32910
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Big Sur 11.6.8, macOS Monterey 12.5, Actualización de seguridad 2022-005 Catalina. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32849
https://notcve.org/view.php?id=CVE-2022-32849
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. Se abordó un problema de divulgación de información al eliminar el código vulnerable. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://support.apple.com/kb/HT213488 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-32837
https://notcve.org/view.php?id=CVE-2022-32837
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Monterey versión 12.5, tvOS versión 15.6, iOS versión 15.6 y iPadOS versión 15.6. • https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://support.apple.com/kb/HT213343 •