
CVE-2022-22639 macOS Vulnerability Could Cause Root Privilege Escalation


CVE-2022-22639 is a recently discovered, already patched macOS vulnerability in suhelperd, a helper daemon process for Software Update in Apple’s operating system. The vulnerability was discovered by Trend Micro researchers who also provided a detailed analysis of the issue. More specifically, the researchers located the vulnerability in SUHelper.




CVE-2022-22639 macOS Root Privilege Escalation Vulnerability

The team discovered a vulnerability in suhelperd, a helper daemon process for Software Update in macOS. It turned out that a class inside suhelperd, known as SUHelper, which provides an essential system service through the inter-process communication (IPC) mechanism, could trigger the vulnerability in specific circumstances.

“The process runs as root and is signed with special entitlements, such as com.apple.rootless.install, which grants the process permission to bypass System Integrity Protection (SIP) restrictions. This combination of functionalities presents an attractive opportunity for malicious actors to exploit the vulnerability,” the report said.

If exploited successfully, the CVE-2022-22639 vulnerability could allow root privilege escalation. Fortunately, Apple was quick to resolve the issue and release a patch in macOS Monterey 12.3 (which contains other security fixes as well).

In 2021, another vulnerability that bypassed SIP protections was discovered. Shrootless, or CVE-2021-30892, is an OS-level vulnerability that could allow threat actors to circumvent the security restrictions known as System Integrity Protection (SIP) in macOS and take over the device. Once this is done, hackers could perform various arbitrary operations without being detected by security solutions. Details about the vulnerability were disclosed by Microsoft.

Milena Dimitrova
