Login Sign Up

CVE-2022-22625

7.1 HIGH
Denial of Service

📋 TL;DR

This vulnerability allows attackers to read memory outside intended boundaries when processing malicious AppleScript binaries. It affects macOS Catalina, Big Sur, and Monterey users, potentially causing application crashes or memory disclosure.

💻 Affected Systems

Products:
  • macOS
Versions: Catalina, Big Sur before 11.6.5, Monterey before 12.3
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems processing AppleScript binaries (.scpt files).

📦 What is this software?

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Mac Os X by Apple

View all CVEs affecting Mac Os X →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive process memory disclosure leading to information leakage, credential theft, or system compromise.

🟠

Likely Case

Application crashes (denial of service) or limited memory disclosure.

🟢

If Mitigated

No impact if systems are patched or AppleScript processing is restricted.

🌐 Internet-Facing: LOW - Requires local user interaction or malicious file execution.
🏢 Internal Only: MEDIUM - Could be exploited via phishing or malicious files within the organization.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user to execute malicious AppleScript binary; no known public exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina

Vendor Advisory: https://support.apple.com/en-us/HT213183

Restart Required: Yes

Instructions:

1. Open System Preferences > Software Update. 2. Install available security updates. 3. Restart the system when prompted.

🔧 Temporary Workarounds

Restrict AppleScript execution

all

Limit execution of AppleScript binaries via application controls or policies.

🧯 If You Can't Patch

  • Implement application allowlisting to block unknown AppleScript binaries.
  • Educate users about risks of opening untrusted AppleScript files.

🔍 How to Verify

Check if Vulnerable:

Check macOS version via 'sw_vers' command and compare with patched versions.

Check Version:

sw_vers

Verify Fix Applied:

Verify installed security update in System Preferences > Software Update > Installed Updates.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes related to AppleScript execution
  • Unexpected process termination logs

SIEM Query:

Process termination events with AppleScript-related executables

📊 Metadata

CVE ID: CVE-2022-22625
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CWE: CWE-125
Published: March 18, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-22625, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)