ID

VAR-202205-1317


CVE

CVE-2022-26762


TITLE

Apple iOS and Apple iPadOS Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202205-3463

DESCRIPTION

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges

Trust: 1.08

sources: NVD: CVE-2022-26762 // VULHUB: VHN-417431 // VULMON: CVE-2022-26762

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.4

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.5

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.5

Trust: 1.0

sources: NVD: CVE-2022-26762

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26762
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202205-3463
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-26762
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202205-3463 // NVD: CVE-2022-26762

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2022-26762

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3463

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202205-3463

PATCH

title:Apple iOS and Apple iPadOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=192998

Trust: 0.6

title:Apple: macOS Monterey 12.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619

Trust: 0.1

title:Apple: iOS 15.5 and iPadOS 15.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f66f27c9aed3f1df2b9271d627617604

Trust: 0.1

sources: VULMON: CVE-2022-26762 // CNNVD: CNNVD-202205-3463

EXTERNAL IDS

db:NVDid:CVE-2022-26762

Trust: 1.8

db:CS-HELPid:SB2022051705

Trust: 0.6

db:AUSCERTid:ESB-2022.2407

Trust: 0.6

db:CNNVDid:CNNVD-202205-3463

Trust: 0.6

db:VULHUBid:VHN-417431

Trust: 0.1

db:VULMONid:CVE-2022-26762

Trust: 0.1

sources: VULHUB: VHN-417431 // VULMON: CVE-2022-26762 // CNNVD: CNNVD-202205-3463 // NVD: CVE-2022-26762

REFERENCES

url:https://support.apple.com/en-us/ht213258

Trust: 2.3

url:https://support.apple.com/en-us/ht213257

Trust: 1.7

url:https://www.cybersecurity-help.cz/vdb/sb2022051705

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-38380

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2407

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26762/

Trust: 0.6

url:https://support.apple.com/kb/ht213257

Trust: 0.1

sources: VULHUB: VHN-417431 // VULMON: CVE-2022-26762 // CNNVD: CNNVD-202205-3463 // NVD: CVE-2022-26762

SOURCES

db:VULHUBid:VHN-417431
db:VULMONid:CVE-2022-26762
db:CNNVDid:CNNVD-202205-3463
db:NVDid:CVE-2022-26762

LAST UPDATE DATE

2024-08-14T12:41:51.171000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-417431date:2022-11-03T00:00:00
db:CNNVDid:CNNVD-202205-3463date:2022-11-04T00:00:00
db:NVDid:CVE-2022-26762date:2023-08-08T14:21:49.707

SOURCES RELEASE DATE

db:VULHUBid:VHN-417431date:2022-11-01T00:00:00
db:CNNVDid:CNNVD-202205-3463date:2022-05-16T00:00:00
db:NVDid:CVE-2022-26762date:2022-11-01T20:15:17.650