Cyber Resilience

CVE-2022-22674

Severity: Medium · CISA KEV · Active Exploitation · EUVD Exploited

Published: 26 May 2022
Modified: 23 October 2025
KEV Added: 04 April 2022
Patch: available
CVSS v3.1 Score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0022 (44.4th percentile)
Risk Priority: 31 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-22674 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Apple Mac OS X. Its CVSS base score is 5.5 (Medium).

Operationally, its EPSS score ranks at the 44.4th percentile by exploit likelihood (below the median); nonetheless, CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

An out-of-bounds read vulnerability, tracked as CVE-2022-22674 and assigned CWE-125, affects the kernel on Apple macOS systems. The flaw permits disclosure of kernel memory contents due to insufficient input validation and carries a CVSS 3.1 score of 5.5, reflecting the local access requirement. It is resolved in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, and macOS Big Sur 11.6.6.

A local user with a valid account on an affected macOS host can trigger the condition to read arbitrary kernel memory without user interaction or elevated privileges beyond standard local access. This information disclosure could expose sensitive kernel data structures that aid further attacks, though the vulnerability itself does not permit direct code execution or privilege escalation.

Apple security advisories HT213220, HT213255, and HT213256 confirm the issue is fixed through improved input validation in the listed macOS releases and direct administrators to install the updates to eliminate the exposure. The current EPSS score of 0.0022 indicates limited observed exploitation interest.

Vulnerability details

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.

CWE(s): CWE-125 (Out-of-bounds Read)
KEV Date Added: 04 April 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apple / mac os x: 10.15.7 · 10.15 — 10.15.7
apple / macos: 11.0 — 11.6.6 · 12.0.0 — 12.3.1

Mitigating Controls (NIST 800-53 r5)

prevent (SI-10, Information Input Validation): Directly addresses the root cause of insufficient input validation that permitted the out-of-bounds kernel memory read.

prevent (SI-16, Memory Protection): Enforces memory protection boundaries to block unauthorized reads of kernel memory by user-space processes.

prevent: Requires process isolation so that a low-privileged local process cannot directly access kernel address space.
