CVE-2022-26691

Description

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.

Risk Information

Base Score

6.7

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.024

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.3 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.3.1 (Software Update) - AutoReboot	Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.6.5 - Software Update	Mac
cups security update(DSA-5149-1) cups_2.2.10-6+deb10u6_i386.deb	Linux
cups security update(DSA-5149-1) cups_2.2.10-6+deb10u6_amd64.deb	Linux
cups security update(DSA-5149-1) cups_2.3.3op2-3+deb11u2_amd64.deb	Linux
Common UNIX Printing System(tm) (USN-5454-1) cups_2.2.7-1ubuntu2.9_i386.deb	Linux
Common UNIX Printing System(tm) (USN-5454-1) cups_2.2.7-1ubuntu2.9_amd64.deb	Linux
Common UNIX Printing System(tm) (USN-5454-1) cups_2.3.1-9ubuntu1.2_amd64.deb	Linux
Common UNIX Printing System(tm) (USN-5454-1) cups_2.3.3op2-7ubuntu2.1_amd64.deb	Linux
Common UNIX Printing System(tm) (USN-5454-1) cups_2.4.1op1-1ubuntu4.1_amd64.deb	Linux
(RHSA-2022:5056) cups security and bug fix update cups-debugsource-2.2.6-45.el8_6.2.i686.rpm	Linux
(RHSA-2022:5056) cups security and bug fix update cups-debugsource-2.2.6-45.el8_6.2.x86_64.rpm	Linux
(RHSA-2022:5056) cups security and bug fix update cups-lpd-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups update (ELSA-2022-5056) cups-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups-client update (ELSA-2022-5056) cups-client-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups-devel update (ELSA-2022-5056) cups-devel-2.2.6-45.el8_6.2.i686.rpm	Linux
Cups-devel update (ELSA-2022-5056) cups-devel-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups-filesystem update (ELSA-2022-5056) cups-filesystem-2.2.6-45.el8_6.2.noarch.rpm	Linux
Cups-ipptool update (ELSA-2022-5056) cups-ipptool-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups-libs update (ELSA-2022-5056) cups-libs-2.2.6-45.el8_6.2.i686.rpm	Linux
Cups-libs update (ELSA-2022-5056) cups-libs-2.2.6-45.el8_6.2.x86_64.rpm	Linux
Cups-lpd update (ELSA-2022-5056) cups-lpd-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-lpd-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-libs-2.2.6-45.el8_6.2.i686.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-libs-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-devel-2.2.6-45.el8_6.2.i686.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-devel-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-client-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-ipptool-2.2.6-45.el8_6.2.x86_64.rpm	Linux
cups security and bug fix update (RLSA-2022:5056) cups-filesystem-2.2.6-45.el8_6.2.noarch.rpm	Linux
Cups update (ELSA-2022-4990) cups-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-client update (ELSA-2022-4990) cups-client-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-devel update (ELSA-2022-4990) cups-devel-2.3.3op2-13.el9_0.1.i686.rpm	Linux
Cups-devel update (ELSA-2022-4990) cups-devel-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-filesystem update (ELSA-2022-4990) cups-filesystem-2.3.3op2-13.el9_0.1.noarch.rpm	Linux
Cups-ipptool update (ELSA-2022-4990) cups-ipptool-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-libs update (ELSA-2022-4990) cups-libs-2.3.3op2-13.el9_0.1.i686.rpm	Linux
Cups-libs update (ELSA-2022-4990) cups-libs-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-lpd update (ELSA-2022-4990) cups-lpd-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
Cups-printerapp update (ELSA-2022-4990) cups-printerapp-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-client-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-debugsource-2.3.3op2-13.el9_0.1.i686.rpm	Linux
(RHSA-2022:4990) cups security update cups-debugsource-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-devel-2.3.3op2-13.el9_0.1.i686.rpm	Linux
(RHSA-2022:4990) cups security update cups-devel-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-filesystem-2.3.3op2-13.el9_0.1.noarch.rpm	Linux
(RHSA-2022:4990) cups security update cups-ipptool-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-libs-2.3.3op2-13.el9_0.1.i686.rpm	Linux
(RHSA-2022:4990) cups security update cups-libs-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-lpd-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
(RHSA-2022:4990) cups security update cups-printerapp-2.3.3op2-13.el9_0.1.x86_64.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) cups-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcups2-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) cups-devel-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) cups-client-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) cups-config-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcupscgi1-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcupsmime1-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcupsppdc1-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcupsimage2-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
SUSE-SU-2022:1861-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libcups2-32bit-2.2.7-150000.3.32.1.x86_64_15_SP3.rpm	Linux
cups security update(DSA-5149-1) cups_2.3.3op2-3+deb11u2_i386.deb	Linux
cups Security Update (ALAS2023-2023-073) cups-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-client-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-devel-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-filesystem-2.3.3op2-18.amzn2023.0.2.noarch.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-ipptool-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-libs-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-lpd-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
cups Security Update (ALAS2023-2023-073) cups-printerapp-2.3.3op2-18.amzn2023.0.2.x86_64.rpm	Linux
Incorrect Comparison Vulnerability (CVE-2022-26691)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-608134	Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-605753	MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234