Home > Cyber News > CVE-2022-22639 macOS Vulnerability Could Cause Root Privilege Escalation
CYBER NEWS

CVE-2022-22639 macOS Vulnerability Could Cause Root Privilege Escalation

CVE-2022-22639 macOS Vulnerability Could Cause Root Privilege Escalation

CVE-2022-22639 is a recently discovered, already patched macOS vulnerability in suhelperd, a helper daemon process for Software Update in Apple’s operating system. The vulnerability was discovered by Trend Micro researchers who also provided a detailed analysis of the issue. More specifically, the researchers located the vulnerability in SUHelper.




CVE-2022-22639 macOS Root Privilege Escalation Vulnerability

The team discovered a vulnerability in suhelperd, a helper daemon process for Software Update in macOS. It turned out that a class inside suhelperd, known as SUHelper, which provides an essential system service through the inter-process communication (IPC) mechanism, could trigger the vulnerability in specific circumstances.

“The process runs as root and is signed with special entitlements, such as com.apple.rootless.install, which grants the process permission to bypass System Integrity Protection (SIP) restrictions. This combination of functionalities presents an attractive opportunity for malicious actors to exploit the vulnerability,” the report said.

If exploited successfully, the CVE-2022-22639 vulnerability could allow root privilege escalation. Fortunately, Apple was quick to resolve the issue and release a patch in macOS Monterey 12.3 (which contains other security fixes as well).

In 2021, another vulnerability that bypassed SIP protections was discovered. Shrootless, or CVE-2021-30892, is another OS-level vulnerability that could allow threat actors to circumvent security restrictions, known as System Integrity Protection (SIP), in macOS, to take over the device. Once this is done, hackers could perform various arbitrary operations without being detected by security solutions. Details about the vulnerability were disclosed by Microsoft.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...