A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions < V10.1.1), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIMATIC TDC CP51M1 (All versions < V1.1.10), SIMATIC TDC CPU555 (All versions < V1.2.1), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF13), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

%PDF-1.5 %���� 226 0 obj << /Length 2515 /Filter /FlateDecode >> stream x��\[�R�H}�+�(G���~���n=K������-h���M\_�~3�J²���f��T��2����L�4�Mh����\`��;eG��:�$��ub�#��d0J>�W��.�.z}nlz��>S�x�3폾�34�C�xy^y�b>=��Ǘ=���������\`�{� {T@#X2����;MFp�}B�p6��?y�H%���'���o{4U+2�<�4��o�i%qF�"�4K� N�� ��6:�j�/�����iS�0�dr�ŀϋ�WDhK�2MdHN���@aʙ�G�t�M6���D#�e���g ���l�e)UU}vS��\`i���P�#��� �,�k�ɑG4�6�5&X+i\[���B5!\`\[a�´Y��uO��a2���� � ;���kc���H���k�6;P���j�x�����t� C�4q�� ��MoIA\_���K��ޝ�ׄRi�GY��,��p�(t \[MaҬ��e6D#��� |�h��6�6�g�$lC|䂇�O���v�-�QM��P�L.}l��ڒ�Lf��\[���ufӺ�0gZ魁D����s��6�c6?���=�~\_�b�اE#���Hx�(#ƪ Uخ�kIU\]�!�����,#y|�4�����GG�\_ �����rާ��8N�����4\[,�3�G�)eçD�2�Y�:|���i|�gi��0;<-�e�5#���뫫��7AX8;�yL�9\*\`�JORR$�=�.U��R�ź\*C�@�.������eO��?8����tE�Ѱ��dpO�F;\*�ԏ|��^��|�c�zQ���p��k�n��1=�>���K���\_�'��D�p�R�A9xQ?�p6\]f�"���2�m�O��8C��뷖Ok��z{����(J�Lf=H���hJ�,��"Q�,\*�=+���џCB��CI������1���b F��'G�e,3 ���tX��$�H|�\_1�8�����é�k�Od:�'9w�

CVE-2022-25622

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

Permalink

main

Switch branches/tags

**Name already in use**

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Go to file

*   Go to file

*   Copy path
*   Copy permalink

Cannot retrieve contributors at this time

4.33 MB

Download

*   Open with Desktop
*   Download
*   Delete file

Sorry, something went wrong. Reload?

Sorry, we cannot display this file.

Sorry, this file is invalid so it cannot be displayed.

CVE-2022-27280: IoT_Hunter/Inhand InRouter 900 Industrial 4G Router  Vulnerabilities(XSS).pdf at main · skyvast404/IoT_Hunter

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.

%PDF-1.5 %���� 1 0 obj <>>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\] >>/MediaBox\[ 0 0 595.2 841.92\] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��X�n�6�/@�pRD��H�$k�b)�u�"Pm���ؙ�t�#�-wI;�SG�ɳA��H�s/�=� �388�����h8������6M�LF��8g���t���8uVU���,�$tk\`��

CVE-2022-22516

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.

Sorry, something went wrong. Reload?

Sorry, we cannot display this file.

Sorry, this file is invalid so it cannot be displayed.

CVE-2022-26640: Hardware-IoT/tp-link tl-wr840n_minAddress=.pdf at main · Quadron-Research-Lab/Hardware-IoT

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.

CVE-2022-26639: Hardware-IoT/tp-link tl-wr840n_DNSServers=.pdf at main · Quadron-Research-Lab/Hardware-IoT

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename.

Skip to content

GitLab 

**Do not invoke commands through shell.**

*   Review changes
    

*   
*   Download
    
*   
*   

Executing shell commands through mechanisms such as os.system() or subprocess.run(shell=True) with user-controllable input is prone to arbitrary shell command injection. In this particular case, a malicious actor controlling any input name, either in PDF or image form, can force ocrfeeder to execute shell commands embedded in the file name. While a workaround for #20 (closed), mentioning problems opening files with special characters, was introduced in 5286120c, this was not applied to every subprocess invocation. Furthermore, it is good practice to make use of the parameterization of arguments available in the subprocess package instead of relying on character escaping alone, avoiding shell invocation completely. This minimizes the attack surface.

Fixes #82

CVE-2022-27811: Do not invoke commands through shell. (!13) · Merge requests · GNOME / ocrfeeder · GitLab

The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files.

**Dokumentų ir procesų valdymo sistema „Avilys“****Mažiau popieriaus, daugiau tvarkos!**

Įsivaizduokite programinę įrangą, kuri leidžia centralizuotai kaupti visus organizacijoje sukuriamus bei gaunamus dokumentus, įgalina nepasimesti tarp skirtingų jų versijų ir redakcijų, elektroniniu būdu juos derinti, vizuoti ir pasirašyti, patvirtinti pasirašymą elektroniniu parašu, automatiškai nukreipti ir nusiųsti reikiamus elektroninius dokumentus jų adresatams.

Įsivaizduokite, kad ši programinė įranga kiekvienam darbuotojui padeda per daug trumpesnį laiką atlikti praktiškai visus su dokumentais susijusius veiksmus (parengti, redaguoti, išsaugoti, archyvuoti) ir leidžia sutaupyti dokumentų spausdinimui bei tvarkymui skirtas išlaidas.

Įsivaizduokite, kad darbuotojui nereikia žinoti, kas iš dokumentus derinančių asmenų atostogauja ir nusiųstus derinti dokumentus gali suderinti sistemoje įvestas pavaduojantis asmuo, o iš atostogų grįžęs kolega gali susipažinti su pavaduojančio asmens nuveiktais darbais.

Įsivaizduokite, kad dokumentus galima greitai surasti ir susipažinti su juose esančia informacija bet kuriuo metu, kai tai yra reikalinga, o dokumentais ir juose esančia informacija gali naudotis tik tie asmenys, kuriems jie skirti.

Įsivaizduokite, kad šia programine įranga paprasta naudotis, o ji suteikia galimybę atlikti įvairiapusę analizę.

**Visa tai ir dar daugiau atlikti padeda dokumentų ir procesų valdymo sistema „Avilys“.**

 

**Ugnė Klupšaitė**

Pardavimo projektų vadovė  
**+370 698 555 05**

 

*   Daugiau apie dokumentų valdymo sistemą
*   Turinio valdymo platforma „Avilys SDP“

Dokumentų valdymo sistema „Avilys“ padeda įvairaus dydžio viešojo sektoriaus bei verslo organizacijoms atlikti šias funkcijas: saugoti ir archyvuoti dokumentus, registruoti ir nukreipti dokumentus, rengti ir derinti dokumentų projektus bei sutartis, valdyti užduotis, projektus, resursus, pirkimus ir konsultacijų teikimą, organizuoti posėdžius, teikti elektronines paslaugas, o taip pat grafiškai modeliuoti dokumentų rengimo procesus. „Avilyje“ yra galimybė pasirašyti dokumentus el. parašu pagal Lietuvos archyvų departamento patvirtintus reikalavimus ir patogiai priimti, registruoti bei perskaityti elektroninius dokumentus ADOC ir PDF formatais. Sistemos naudotojai prie sistemos jungiasi per interneto naršyklę. Sistemoje „Avilys“ naudojami įrankiai - atvirojo kodo (Open Source) programinė įranga bei paplitusios duomenų bazių valdymo sistemos tokios, kaip „Oracle", „PostgreSQL".

DVS „Avilys“ gali būti naudojama kaip:

*   savarankiška sistema, padedanti valdyti visą organizacijos dokumentų gyvavimo ciklą - nuo dokumentų sukūrimo iki archyvavimo;
*    į pagrindines organizacijos sistemas integruota „backend“ sistema, padedanti šioms sistemoms atlikti dokumentų valdymo funkciją;
*   organizacijos turinio valdymo platforma, skirta kurti specializuotas taikomąsias programas.

**„Avilys“ - tai:**

 

*   Centralizuotas dokumentų saugojimas ir archyvavimas
*   Dokumentų valdymas
*   Užduočių valdymas
*   Sutarčių valdymas
*   Posėdžių organizavimas
*   Teisės aktų valdymas
*   Pirkimų informacijos valdymas

 

 

*   Konsultacijų valdymas
*   Resursų valdymas
*   Projektų valdymas
*   Elektroninių paslaugų valdymas
*   Periodinės priminimų ataskaitos
*   Lanksčios ir sklandžios integravimo galimybės

 

** DVS „Avilys“ privalumai:**

****

*   El. dokumentų ir el. parašo funkcionalumas (pasirašymas naudojant mobilų ar lokalų įrenginį, Smart-ID priemonę)
*   Išorinio pasirašymo funkcionalumas ("Avilyje" paruoštas dvišalis ADOC ar PDF dokumentas siunčiamas pasirašyti kitai šaliai per nuorodą į išorinę svetainę ir pasirašytas dokumentas automatiškai įsikelia "Avilyje")
*   Pavadavimas ir dokumentų perdavimas
*   Centralizuotas saugojimas ir archyvavimas
*   Automatizuoti derinimo, vizavimo, pasirašymo ir tvirtinimo procesai
*   Masiniai veiksmai su dokumentais (masinis skenavimas, nukreipimas, susiejimas, vizavimas ir pasirašymas, įkėlimas į sistemą, užduočių skyrimas ir uždarymas, duomenų keitimas)
*   Grafinis vidinių procesų modeliavimas (procesų šablonai, drag-and-drop principas)
*   Veiksmų istorija ir versijų atsekamumas
*   Pilnatekstė dokumentų paieška, paieškos rezultatų eksportas, personalizuotos paieškos
*   Optinio simbolių atpažinimo (OCR) galimybė
*   Automatinis turinio failų formato konvertavimas
*   Lanksčios integravimo su išorinėmis sistemomis galimybės (e. pristatymo sistema, personalo ir finansų valdymo sistemomis, teisės aktų registru, el. archyvo informacine sistema, kt.)
*   Ataskaitos (ataskaitų ruošiniai, įvairūs ataskaitų formatai, periodinės ataskaitos el. paštu)
*   Daugiaplatformė architektūra
*   Paprastas sistemos administravimas
*   Sistemos veikimo stebėsenos įrankis
*   Sustiprintas saugumas (dokumentų viešumo ir naudotojų slaptumo lygiai, organizacijos padalinių ir darbuotojų matomumo ribojimas, įspėjimai apie įslaptintų dokumentų eksportavimą)

**Pagrindiniai moduliai:**

**Centralizuotas dokumentų saugojimas ir archyvavimas**

*   Dokumentų saugojimas vienoje vietoje
*   Senų duomenų archyvavimas
*   Neaktualių archyvuotų duomenų šalinimas
*   Ataskaitos
*   Įvairios paieškos galimybės

 

**Dokumentų valdymas**

*   Gaunamų, siunčiamų bei vidaus dokumentų registravimas
*   Dokumentų klasifikavimas
*   Dokumentų rengimas, derinimas, vizavimas, pasirašymas ir tvirtinimas
*   Ruošiniai dokumentams rengti
*   Sudėtingų ir didelės apimtis dokumentų rengimas (grupinis darbas)
*   Dokumentų susiejimas
*   Optinis simbolių atpažinimas (OCR)
*   Automatinio registracijos spaudo funkcija
*   Tiesioginis skenavimas, įkėlimas iš el. laiško

 

**Užduočių valdymas**

*   Užduočių skyrimas
*   Pavadavimas (darbų perdavimas pavaduojančiam kolegai)
*   Užduočių vykdymo kontrolė
*   Tarpiniai užduoties vykdymo rezultatai
*   Priminimai ir įspėjimai
*   Galimybė automatiškai uždaryti užduotį

 

**Sutarčių valdymas**

*   Sutarčių rengimas, derinimas, vizavimas ir pasirašymas
*   Ruošiniai sutartims ruošti
*   Sutarčių ir kitų dokumentų susiejimas
*   Sutarties etapų valdymas
*   Sutarties vertės, datos, būsenos
*   Priminimai
*   Versijų atsekamumas
*   Veiksmų istorija
*   Proceso seka (automatizavimas)

 

**Posėdžių organizavimas**

*   Svarstytinų klausimų pateikimas
*   Darbotvarkės sudarymas ir derinimas
*   Dalyvių pakvietimas ir supažindinimas su posėdžio informacija
*   Posėdžio protokolavimas

 

**Elektroninių paslaugų valdymas**

*   Paslaugų aprašymų valdymas ir publikavimas
*   Informacijos, susijusios su paslaugų teikimu, publikavimas
*   Paslaugų paraiškų duomenų perdavimas į DVS vykdymui
*   Paslaugos vykdymo būsenos pateikimas iš DVS paslaugos gavėjui
*   Paslaugos įvykdymo rezultatų iš DVS pateikimas

 

**Kiti funkcionalumai:**

*   El. dokumentai ir el. parašas (el. dokumentų priėmimas, tikrinimas ir registravimas, rengimas, derinimas ir pasirašymas el. parašu)
*   Išorinis pasirašymas (dvišalių ADOC ar PDF dokumentų, pvz. sutarčių ir jos priedų, pasirašymas el. parašu)
*   Periodinės priminimų ataskaitos (apie neįvykdytas užduotis, kt.)
*   Pirkimų informacijos valdymas (pirkimo paraiškos rengimas ir derinimas)
*   Resursų valdymas (posėdžių salių, automobilių, konferencijų įrangos, kt.)
*   Projektų valdymas (projekto registravimas, dokumentų susiejimas, užduoties skyrimas projekto komandai)
*   Konsultacijų valdymas (informacijos apie konsultacijas administravimas ir konsultacijų teikimas, konsultacijų užsakymas)
*   Teisės aktų valdymas (rengimas, derinimas, publikavimas)

**Klientai:**

 

*   Ignalinos atominė elektrinė
*   Lietuvos bankas
*   Vilniaus, Klaipėdos, Panevėžio, Alytaus, Šiaulių miestų savivaldybės
*   Biržų, Pakruojo, Šiaulių, Zarasų rajonų savivaldybės
*   LR Vyriausybės kanceliarija
*   LR krašto apsaugos ministerija
*   LR susisiekimo ministerija
*   LR teisingumo ministerija
*   LR užsienio reikalų ministerija
*   LR vidaus reikalų ministerija
*   Policijos departamentas
*   Informacinės visuomenės plėtros komitetas
*   Lietuvos Respublikos transporto priemonių draudikų biuras
*   Klaipėdos valstybinio jūrų uosto direkcija

 

 

*   Lietuvos nacionalinė M. Mažvydo biblioteka ir kelios viešosios bibliotekos
*   Lietuvos vyriausiojo archyvaro tarnyba
*   Vilniaus universitetas
*   Kultūros paveldo departamentas
*   Nacionalinis muziejus Lietuvos Didžiosios kunigaikštystės valdovų rūmai
*   Nacionalinė žemės tarnyba
*   Valstybinė geležinkelio inspekcija
*   Lietuvos transporto saugos administracija
*   Valstybinė mokesčių inspekcija
*   Valstybinė teritorijų planavimo ir statybos inspekcija
*   Valstybinis patentų biuras
*   Žemės ūkio informacijos ir kaimo verslo centras
*   „Akropolis group"

 

„Avilys SDP“ - tai turinio valdymo (ECM) platforma, kuri apima metodus ir įrankius, naudojamus užfiksuoti, valdyti, įrašyti, išsaugoti ir pateikti informaciją, dokumentus ir duomenis, susijusius su organizacijos veiklos procesais, bei kurios pagalba galima konfigūruoti ir kurti naujus modulius bei taikomąsias programas įvairiems su organizacijos veiklos procesais susijusiems funkcionalumams įgyvendinti.

Daugiau informacijos meniu „Sprendimai“ skiltyje „Turinio valdymas“.

CVE-2022-27192: DVS Avilys

The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.

%PDF-1.7 %���� 1 0 obj <>/Metadata 152 0 R/ViewerPreferences 153 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\] >>/Annots\[ 20 0 R 23 0 R 24 0 R 25 0 R 26 0 R 27 0 R\] /MediaBox\[ 0 0 612 792\] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��\\Ys�F~W������+�\*���l��Z����%�R�����ow�x v�d������tܼ�������o��u�Ûq��+2��p����(�:����\`y}�Ç뫛�<\*�0���@�D"dp�$Q�a��~��,x������˯?^\_��=cR��dL��� >�������뫳��B���2A�5 ���^ �0�av:�Θ��G����H����G����J�LI���2%c�d�R0��=2#� 푐F&^K�\[�y=���kb%\*Y���w���\`�n��v+�T�%�A0�Ë��y��6���ߧ��:�Ԡ�Gr��e��I�ҷ�j=T�<�͊@��.Vn7�\\���H�)�e��6����� �����\`2��pd����{�U3����viM��5$abZ�&E����X} Fޡ6�,J�f0{u��Z�< ����\_�# &�)�?����Ј.��Y(;����3��𴕭 �p��p.t�a�� /���aa�5� ��c���cƝZ�/ e�u��:ї�ۗ��0�8�/\]��("�(�:O-\\p����>���Y��Kn��y��\`��)�N�ɉ�mؙ�i�ױF/;\\���J�hU�"��Ң��&���ϓ5~�z��ِ���D.N�aN�KY�fAk\`�����,r���A1L\`�����.a�Œ9G\_ԃŐ��gX��<@QN��3 nZ,A��z����\*��s��mR�$$��IeKʎ��aIt��mp�+�Ǒn�Š�H �'!A��\`�(Ii�$jL��ǔ��� LA ����' T��

CVE-2021-45117

A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges.

Released March 14, 2022

**Accelerate Framework**

Available for: macOS Monterey

Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-22633: an anonymous researcher

**AMD**

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-22669: an anonymous researcher

**AppKit**

Available for: macOS Monterey

Impact: A malicious application may be able to gain root privileges

Description: A logic issue was addressed with improved validation.

CVE-2022-22665: Lockheed Martin Red Team

**AppleGraphicsControl**

Available for: macOS Monterey

Impact: An application may be able to gain elevated privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22631: an anonymous researcher

**AppleScript**

Available for: macOS Monterey

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-22625: Mickey Jin (@patch1t) of Trend Micro

**AppleScript**

Available for: macOS Monterey

Impact: An application may be able to read restricted memory

Description: This issue was addressed with improved checks.

CVE-2022-22648: an anonymous researcher

**AppleScript**

Available for: macOS Monterey

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-22626: Mickey Jin (@patch1t) of Trend Micro

CVE-2022-22627: Qi Sun and Robert Ai of Trend Micro

**AppleScript**

Available for: macOS Monterey

Impact: Processing a maliciously crafted file may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2022-22597: Qi Sun and Robert Ai of Trend Micro

**BOM**

Available for: macOS Monterey

Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks

Description: This issue was addressed with improved checks.

CVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)

**curl**

Available for: macOS Monterey

Impact: Multiple issues in curl

Description: Multiple issues were addressed by updating to curl version 7.79.1.

CVE-2021-22946

CVE-2021-22947

CVE-2021-22945

Entry updated March 21, 2022

**FaceTime**

Available for: macOS Monterey

Impact: A user may send audio and video in a FaceTime call without knowing that they have done so

Description: This issue was addressed with improved checks.

CVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of the University of Florida

**ImageIO**

Available for: macOS Monterey

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-22611: Xingyu Jin of Google

**ImageIO**

Available for: macOS Monterey

Impact: Processing a maliciously crafted image may lead to heap corruption

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-22612: Xingyu Jin of Google

**Intel Graphics Driver**

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A type confusion issue was addressed with improved state handling.

CVE-2022-22661: an anonymous researcher, Peterpan0927 of Alibaba Security Pandora Lab

**IOGPUFamily**

Available for: macOS Monterey

Impact: An application may be able to gain elevated privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-22641: Mohamed Ghannam (@\_simo36)

**Kernel**

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22613: Alex, an anonymous researcher

**Kernel**

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-22614: an anonymous researcher

CVE-2022-22615: an anonymous researcher

**Kernel**

Available for: macOS Monterey

Impact: A malicious application may be able to elevate privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-22632: Keegan Saunders

**Kernel**

Available for: macOS Monterey

Impact: An attacker in a privileged position may be able to perform a denial of service attack

Description: A null pointer dereference was addressed with improved validation.

CVE-2022-22638: derrek (@derrekr6)

**Kernel**

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved validation.

CVE-2022-22640: sqrtpwn

**libarchive**

Available for: macOS Monterey

Impact: Multiple issues in libarchive

Description: Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation.

CVE-2021-36976

**Login Window**

Available for: macOS Monterey

Impact: A person with access to a Mac may be able to bypass Login Window

Description: This issue was addressed with improved checks.

CVE-2022-22647: an anonymous researcher

**LoginWindow**

Available for: macOS Monterey

Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen

Description: An authentication issue was addressed with improved state management.

CVE-2022-22656

**GarageBand MIDI**

Available for: macOS Monterey

Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution

Description: A memory initialization issue was addressed with improved memory handling.

CVE-2022-22657: Brandon Perry of Atredis Partners

**GarageBand MIDI**

Available for: macOS Monterey

Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-22664: Brandon Perry of Atredis Partners

**NSSpellChecker**

Available for: macOS Monterey

Impact: A malicious application may be able to access information about a user's contacts

Description: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.

CVE-2022-22644: an anonymous researcher

**PackageKit**

Available for: macOS Monterey

Impact: An application may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-22617: Mickey Jin (@patch1t)

**Preferences**

Available for: macOS Monterey

Impact: A malicious application may be able to read other applications' settings

Description: The issue was addressed with additional permissions checks.

CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)

**QuickTime Player**

Available for: macOS Monterey

Impact: A plug-in may be able to inherit the application's permissions and access user data

Description: This issue was addressed with improved checks.

CVE-2022-22650: Wojciech Reguła (@\_r3ggi) of SecuRing

**Safari Downloads**

Available for: macOS Monterey

Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks

Description: This issue was addressed with improved checks.

CVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)

**Sandbox**

Available for: macOS Monterey

Impact: A malicious application may be able to bypass certain Privacy preferences

Description: The issue was addressed with improved permissions logic.

CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran

**Siri**

Available for: macOS Monterey

Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen

Description: A permissions issue was addressed with improved validation.

CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/)

**SMB**

Available for: macOS Monterey

Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22651: Felix Poulin-Belanger

**SoftwareUpdate**

Available for: macOS Monterey

Impact: An application may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-22639: Mickey Jin (@patch1t)

**System Preferences**

Available for: macOS Monterey

Impact: An app may be able to spoof system notifications and UI

Description: This issue was addressed with a new entitlement.

CVE-2022-22660: Guilherme Rambo of Best Buddy Apps (rambo.codes)

**UIKit**

Available for: macOS Monterey

Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions

Description: This issue was addressed with improved checks.

CVE-2022-22621: Joey Hewitt

**Vim**

Available for: macOS Monterey

Impact: Multiple issues in Vim

Description: Multiple issues were addressed by updating Vim.

CVE-2021-4136

CVE-2021-4166

CVE-2021-4173

CVE-2021-4187

CVE-2021-4192

CVE-2021-4193

CVE-2021-46059

CVE-2022-0128

CVE-2022-0156

CVE-2022-0158

**VoiceOver**

Available for: macOS Monterey

Impact: A user may be able to view restricted content from the lock screen

Description: A lock screen issue was addressed with improved state management.

CVE-2021-30918: an anonymous researcher

**WebKit**

Available for: macOS Monterey

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: A cookie management issue was addressed with improved state management.

WebKit Bugzilla: 232748  
CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix

**WebKit**

Available for: macOS Monterey

Impact: Processing maliciously crafted web content may lead to code execution

Description: A memory corruption issue was addressed with improved state management.

WebKit Bugzilla: 232812  
CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team

**WebKit**

Available for: macOS Monterey

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

WebKit Bugzilla: 233172  
CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab

WebKit Bugzilla: 234147  
CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab

**WebKit**

Available for: macOS Monterey

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 234966  
CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative

**WebKit**

Available for: macOS Monterey

Impact: A malicious website may cause unexpected cross-origin behavior

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 235294  
CVE-2022-22637: Tom McKee of Google

**Wi-Fi**

Available for: macOS Monterey

Impact: A malicious application may be able to leak sensitive user information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-22668: MrPhil17

**xar**

Available for: macOS Monterey

Impact: A local user may be able to write arbitrary files

Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2022-22582: Richard Warren of NCC Group

CVE-2022-22665: About the security content of macOS Monterey 12.3

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

Released March 14, 2022

**Accelerate Framework**

Available for: macOS Big Sur

Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-22633: ryuzaki

Entry updated May 25, 2022

**AppKit**

Available for: macOS Big Sur

Impact: A malicious application may be able to gain root privileges

Description: A logic issue was addressed with improved validation.

CVE-2022-22665: Lockheed Martin Red Team

Entry added May 25, 2022

**AppleGraphicsControl**

Available for: macOS Big Sur

Impact: An application may be able to gain elevated privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22631: Wang Yu of cyberserval

Entry updated May 25, 2022

**AppleScript**

Available for: macOS Big Sur

Impact: An application may be able to read restricted memory

Description: This issue was addressed with improved checks.

CVE-2022-22648: Mickey Jin (@patch1t) of Trend Micro

Entry updated May 25, 2022

**AppleScript**

Available for: macOS Big Sur

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-22627: Qi Sun and Robert Ai of Trend Micro

CVE-2022-22626: Mickey Jin (@patch1t) of Trend Micro

**AppleScript**

Available for: macOS Big Sur

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-22625: Mickey Jin (@patch1t) of Trend Micro

**AppleScript**

Available for: macOS Big Sur

Impact: Processing a maliciously crafted file may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2022-22597: Qi Sun and Robert Ai of Trend Micro

**BOM**

Available for: macOS Big Sur

Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks

Description: This issue was addressed with improved checks.

CVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)

**CUPS**

Available for: macOS Big Sur

Impact: An application may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-26691: Joshua Mason of Mandiant

Entry added May 25, 2022

**Intel Graphics Driver**

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A type confusion issue was addressed with improved state handling.

CVE-2022-22661: an anonymous researcher, Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab

Entry updated May 25, 2022

**Kernel**

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22613: Alex, an anonymous researcher

**Kernel**

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-22615: an anonymous researcher

CVE-2022-22614: an anonymous researcher

**Kernel**

Available for: macOS Big Sur

Impact: An attacker in a privileged position may be able to perform a denial of service attack

Description: A null pointer dereference was addressed with improved validation.

CVE-2022-22638: derrek (@derrekr6)

**Kernel**

Available for: macOS Big Sur

Impact: A malicious application may be able to elevate privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-22632: Keegan Saunders

**Login Window**

Available for: macOS Big Sur

Impact: A person with access to a Mac may be able to bypass Login Window

Description: This issue was addressed with improved checks.

CVE-2022-22647: Yuto Ikeda of Kyushu University

Entry updated May 25, 2022

**LoginWindow**

Available for: macOS Big Sur

Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen

Description: An authentication issue was addressed with improved state management.

CVE-2022-22656

**MobileAccessoryUpdater**

Available for: macOS Big Sur

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2022-22672: Siddharth Aeri (@b1n4r1b01)

Entry added May 25, 2022

**PackageKit**

Available for: macOS Big Sur

Impact: An application may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-22617: Mickey Jin (@patch1t)

**PackageKit**

Available for: macOS Big Sur

Impact: A malicious app with root privileges may be able to modify the contents of system files

Description: An issue in the handling of symlinks was addressed with improved validation.

CVE-2022-26688: Mickey Jin (@patch1t) of Trend Micro

Entry added May 25, 2022

**QuickTime Player**

Available for: macOS Big Sur

Impact: A plug-in may be able to inherit the application's permissions and access user data

Description: This issue was addressed with improved checks.

CVE-2022-22650: Wojciech Reguła (@\_r3ggi) of SecuRing

**Siri**

Available for: macOS Big Sur

Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen

Description: A permissions issue was addressed with improved validation.

CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg-/)

Entry updated May 25, 2022

**SMB**

Available for: macOS Big Sur

Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-22651: Felix Poulin-Belanger

Entry added May 25, 2022

**WebKit**

Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: A cookie management issue was addressed with improved state management.

CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix

Entry added May 25, 2022

**WebKit**

Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: A cookie management issue was addressed with improved state management.

WebKit Bugzilla: 232748  
CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix

**xar**

Available for: macOS Big Sur

Impact: A local user may be able to write arbitrary files

Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2022-22582: Richard Warren of NCC Group

Tag

#pdf