What is CVE-2022-46689?

CVE-2022-46689 is a vulnerability in Apple Macos. Published 2022-12-15.

Is CVE-2022-46689 known to be exploited?

76 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Macos

CVE-2022-46689

A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may b…

EPSS: 0.853 (99.4th percentile) — read the EPSS interpretation.

Affected products

Apple Macos — versions unspecified
Apple Tvos — versions unspecified
Apple Watchos — versions unspecified

Public proof-of-concept exploits

ginsudev/WDBFontOverwrite
zhuowei/MacDirtyCowDemo
straight-tamago/FileSwitcherX
straight-tamago/NoCameraSound
mineek/FileManager
straight-tamago/NoHomeBar
straight-tamago/DockTransparent
bomberfish/Mandela-Legacy
bomberfish/Mandela-Classic
enty8080/MacDirtyCow

References

support.apple.com/en-us/HT213535
support.apple.com/en-us/HT213532
support.apple.com/en-us/HT213530
support.apple.com/en-us/HT213531
support.apple.com/en-us/HT213536
support.apple.com/en-us/HT213534
support.apple.com/en-us/HT213533
20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2 (mailing-list)
20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2 (mailing-list)
20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2 (mailing-list)

Frequently asked questions

What is CVE-2022-46689?: CVE-2022-46689 is a vulnerability in Apple Macos. Published 2022-12-15.
Is CVE-2022-46689 known to be exploited?: 76 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.