Symlink Validation Vulnerability Allows Arbitrary File Writing

Symlink Validation Vulnerability Allows Arbitrary File Writing

CVE-2022-22582 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files.

Learn more about our Cis Benchmark Audit For Apple Macos.