Lucene search
Jeremy BrownZDI-22-1065HistoryAug 15, 2022 - 12:00 a.m.
Apple macOS Remote Events Memory Corruption Remote Code Execution Vulnerability
2022-08-1500:00:00
Jeremy Brown
www.zerodayinitiative.com
34
apple macos
remote events
memory corruption
remote code execution
authentication
validation
user-supplied data
memory corruption condition
aeserver process
0.008 Low
EPSS
Percentile
81.8%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within Apple Remote Events. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the AEServer process.
Related
zdt
zdt
Apple macOS Remote Events Memory Corruption Exploit
2022-09-05 00:00:00
prion
prion
Design/Logic Flaw
2023-06-23 18:15:00
cve
cve
CVE-2022-22630
2023-06-23 18:15:10
cvelist
cvelist
CVE-2022-22630
2023-06-23 00:00:00
nvd
nvd
CVE-2022-22630
2023-06-23 18:15:10
packetstorm
packetstorm
Apple macOS Remote Events Memory Corruption
2022-09-05 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213255)
2022-05-19 00:00:00
Apple Mac OS X Security Update (HT213256)
2022-05-19 00:00:00
Apple Mac OS X Security Update (HT213183)
2022-03-17 00:00:00
apple
apple
About the security content of Security Update 2022-004 Catalina
2022-05-16 00:00:00
About the security content of macOS Big Sur 11.6.6
2022-05-16 00:00:00
About the security content of macOS Monterey 12.3
2022-03-14 00:00:00