Threat Advisories - NVD Disclosed May 26, 2022

CVE-2022-22675

Apple Operating Systems Vulnerability Allows Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Apple operating systems could allow a malicious application to execute arbitrary code with kernel privileges. Apple is aware of reports that this issue may have been actively exploited, posing a business risk. Updates are available.

NVD published: May 26, 2022 • CISA KEV

CVE advisoryKnown Exploit

CVE-2022-22674

Apple macOS Local Memory Disclosure Advisory.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in macOS allows local users to read kernel memory. This could lead to the disclosure of sensitive system information. The risk is moderate, requiring local access for exploitation.

NVD published: May 26, 2022 • CISA KEV

CVE advisoryKnown Exploit

CVE-2022-20821

Cisco IOS XR Network Device Data Access Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in Cisco IOS XR Software's health check feature could allow unauthorized remote access to an internal Redis database. This exposure may enable attackers to modify data or access information within the containerized environment, posing a risk to data integrity and confidentiality. The impact is contained

NVD published: May 26, 2022 • CISA KEV