Sign-up

ID

VAR-202205-1330


CVE

CVE-2022-26768


TITLE

plural  Apple  product   Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011434

DESCRIPTION

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. macOS , watchOS , tvOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6 iOS 15.6 and iPadOS 15.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213346. APFS Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32832: Tommy Muir (@Muirey03) AppleAVD Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote user may be able to cause kernel code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2022-32788: Natalie Silvanovich of Google Project Zero AppleAVD Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom) AppleMobileFileIntegrity Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management. CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro Apple Neural Engine Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks. CVE-2022-32845: Mohamed Ghannam (@_simo36) Apple Neural Engine Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32840: Mohamed Ghannam (@_simo36) CVE-2022-32829: an anonymous researcher Apple Neural Engine Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32810: Mohamed Ghannam (@_simo36) Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820: an anonymous researcher Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32825: John Aakerblom (@jaakerblom) CoreMedia Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom) CoreText Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32839: STAR Labs (@starlabs_sg) File System Events Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2022-32819: Joshua Mason of Mandiant GPU Drivers Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to disclose kernel memory Description: Multiple out-of-bounds write issues were addressed with improved bounds checking. CVE-2022-32793: an anonymous researcher GPU Drivers Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-32821: John Aakerblom (@jaakerblom) Home Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-32855: an anonymous researcher iCloud Photo Library Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to access sensitive user information Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2022-32849: Joshua Jones ICU Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-32841: hjy79425575 ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A logic issue was addressed with improved checks. CVE-2022-32802: Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t) ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32830: Ye Zhang (@co0py_Cat) of Baidu Security ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing an image may lead to a denial-of-service Description: A null pointer dereference was addressed with improved validation. CVE-2022-32785: Yiğit Can YILMAZ (@yilmazcanyigit) IOMobileFrameBuffer Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26768: an anonymous researcher Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32813: Xinru Chi of Pangu Lab CVE-2022-32815: Xinru Chi of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32817: Xinru Chi of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved state management. CVE-2022-32844: Sreejith Krishnan R (@skr0x1c0) Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with improved state handling. CVE-2022-32844: Sreejith Krishnan R (@skr0x1c0) Liblouis Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn) libxml2 Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to leak sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-32823 Multi-Touch Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927) PluginKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro Safari Extensions Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Visiting a maliciously crafted website may leak sensitive data Description: The issue was addressed with improved UI handling. CVE-2022-32784: Young Min Kim of CompSec Lab at Seoul National University Software Update Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network. CVE-2022-32857: Jeffrey Paul (sneak.berlin) WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 239316 CVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. WebKit Bugzilla: 240720 CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative WebRTC Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 242339 CVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team Wi-Fi Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An app may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks. CVE-2022-32837: Wang Yu of Cyberserval Wi-Fi Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks. CVE-2022-32847: Wang Yu of Cyberserval Additional recognition 802.1X We would like to acknowledge Shin Sun of National Taiwan University for their assistance. AppleMobileFileIntegrity We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. configd We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.6 and iPadOS 15.6". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYeuMACgkQeC9qKD1p rhhc5hAA2emrXEYGmfH1M/gji0MOPflW+wrr0y8buntNyeJYFQbf1xgGkr9hmHlM DkROvVCXDzuMyH9QDOPNFGPqBTAe/5cL+auNq497f/vGVjEOZ09Y4vC/FVBBklgo kQND7CoWBhk99PgNxVdJyzkeKhBEs9JrNaIyGVqg8tChTWWghRzyyyQfHpSQfwj1 M9042Kj8w9hi4SrY9R8Oe+QrcCYw/lYo3yO6WIUfajzIs/urT175BFedXS+9l4cK 6srMpa/n67w3XZU9psQBVddlkVDymx1c5Lzuo84haM7TYNddOYDVluP+676Uq0vj 5E24vTuGLS+vdDlJri6WMJv2d7NZ8dtJAVhPioP3ThGGsAXdpT/PmNbkc5R0RbiV TKs/2CDK4+raGHlOz6leuEfUJtUD1rHLI5n21XBQY1HOvwB9CDqGc5l7FpRoMdaj DY/8yaIbWKVu1iycA2NAsxfyc9u1QTwwluGmzelpo9XdAWIZ17j6Dkalta9scCQb akHz3M1PSAYw4ljfGuYYiHElAKuZn/daeAUKZ0zMJOVdHtecliJbV3VlqMzaOKqm gXWNoBOwCow8Tj80F2dFNTvlQe91L8r7NeQAo7KCzEXbVSQqfemojtrREl5BvmWS 9s7+QxqDWAHSUr+WakmKTESMA3DTlZBhBbUXE+uNRrEwboUQKeI= =Nnrk -----END PGP SIGNATURE----- . Apple is aware of a report that this issue may have been actively exploited. CVE-2022-26724: Jorge A. CVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de) LaunchServices Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions on third-party applications. WebKit We would like to acknowledge James Lee, an anonymous researcher for their assistance

Trust: 2.07

sources: NVD: CVE-2022-26768 // JVNDB: JVNDB-2022-011434 // VULHUB: VHN-417437 // VULMON: CVE-2022-26768 // PACKETSTORM: 167193 // PACKETSTORM: 167786 // PACKETSTORM: 167194

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.4

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.5

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:8.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.6

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011434 // NVD: CVE-2022-26768

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26768
value: HIGH

Trust: 1.0

NVD: CVE-2022-26768
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202205-3495
value: HIGH

Trust: 0.6

VULHUB: VHN-417437
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-26768
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-417437
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-26768
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-26768
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-417437 // JVNDB: JVNDB-2022-011434 // CNNVD: CNNVD-202205-3495 // NVD: CVE-2022-26768

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-417437 // JVNDB: JVNDB-2022-011434 // NVD: CVE-2022-26768

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3495

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202205-3495

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-417437

PATCH
title:HT213256 Apple  Security updateurl:https://support.apple.com/en-us/HT213253
Trust: 0.8
title:Apple TV Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193021
Trust: 0.6
title:Apple: macOS Monterey 12.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619
Trust: 0.1
title:Apple: iOS 15.5 and iPadOS 15.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f66f27c9aed3f1df2b9271d627617604
Trust: 0.1
title:Apple: watchOS 8.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=6bd411659b23f6a36cfd1c59cf69e092
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-26768 // 
            
            
            
            JVNDB: JVNDB-2022-011434 // 
            
            
            
            CNNVD: CNNVD-202205-3495

EXTERNAL IDS
db:NVDid:CVE-2022-26768
Trust: 3.7
db:PACKETSTORMid:167786
Trust: 0.8
db:PACKETSTORMid:167194
Trust: 0.8
db:JVNDBid:JVNDB-2022-011434
Trust: 0.8
db:CS-HELPid:SB2022051708
Trust: 0.6
db:CS-HELPid:SB2022072105
Trust: 0.6
db:AUSCERTid:ESB-2022.2410
Trust: 0.6
db:AUSCERTid:ESB-2022.3558
Trust: 0.6
db:CNNVDid:CNNVD-202205-3495
Trust: 0.6
db:PACKETSTORMid:167193
Trust: 0.2
db:VULHUBid:VHN-417437
Trust: 0.1
db:VULMONid:CVE-2022-26768
Trust: 0.1
sources:
            
            
            VULHUB: VHN-417437 // 
            
            
            
            VULMON: CVE-2022-26768 // 
            
            
            
            JVNDB: JVNDB-2022-011434 // 
            
            
            
            PACKETSTORM: 167193 // 
            
            
            
            PACKETSTORM: 167786 // 
            
            
            
            PACKETSTORM: 167194 // 
            
            
            
            CNNVD: CNNVD-202205-3495 // 
            
            
            
            NVD: CVE-2022-26768

REFERENCES
url:https://support.apple.com/en-us/ht213254
Trust: 2.3
url:https://support.apple.com/kb/ht213346
Trust: 1.7
url:http://seclists.org/fulldisclosure/2022/jul/12
Trust: 1.7
url:https://support.apple.com/en-us/ht213253
Trust: 1.7
url:https://support.apple.com/en-us/ht213256
Trust: 1.7
url:https://support.apple.com/en-us/ht213257
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2022-26768
Trust: 1.1
url:https://www.auscert.org.au/bulletins/esb-2022.3558
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2022072105
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-38380
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-26768/
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2022051708
Trust: 0.6
url:https://packetstormsecurity.com/files/167786/apple-security-advisory-2022-07-20-1.html
Trust: 0.6
url:https://support.apple.com/en-us/ht213346
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.2410
Trust: 0.6
url:https://packetstormsecurity.com/files/167194/apple-security-advisory-2022-05-16-6.html
Trust: 0.6
url:https://www.apple.com/support/security/pgp/
Trust: 0.3
url:https://support.apple.com/en-us/ht201222.
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2022-23308
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26719
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26766
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26714
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26709
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26702
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26764
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26717
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26745
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26765
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26700
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26716
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26757
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-22675
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26706
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26710
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26763
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2022-26711
Trust: 0.2
url:https://support.apple.com/kb/ht213257
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26771
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26726
Trust: 0.1
url:https://support.apple.com/kb/ht204641
Trust: 0.1
url:https://support.apple.com/ht213253.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-2294
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32792
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32784
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32788
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32802
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32810
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32814
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32813
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32785
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32793
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26981
Trust: 0.1
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://support.apple.com/ht213346.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32815
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-32787
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26701
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26738
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26740
Trust: 0.1
url:https://support.apple.com/ht213254.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26736
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26737
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26724
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2022-26739
Trust: 0.1
sources:
            
            
            VULHUB: VHN-417437 // 
            
            
            
            VULMON: CVE-2022-26768 // 
            
            
            
            JVNDB: JVNDB-2022-011434 // 
            
            
            
            PACKETSTORM: 167193 // 
            
            
            
            PACKETSTORM: 167786 // 
            
            
            
            PACKETSTORM: 167194 // 
            
            
            
            CNNVD: CNNVD-202205-3495 // 
            
            
            
            NVD: CVE-2022-26768

CREDITS
Apple
Trust: 0.3
sources:
            
            
            PACKETSTORM: 167193 // 
            
            
            
            PACKETSTORM: 167786 // 
            
            
            
            PACKETSTORM: 167194

SOURCES
db:VULHUBid:VHN-417437
db:VULMONid:CVE-2022-26768
db:JVNDBid:JVNDB-2022-011434
db:PACKETSTORMid:167193
db:PACKETSTORMid:167786
db:PACKETSTORMid:167194
db:CNNVDid:CNNVD-202205-3495
db:NVDid:CVE-2022-26768

LAST UPDATE DATE
2024-08-14T13:01:39.042000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-417437date:2023-01-09T00:00:00
db:JVNDBid:JVNDB-2022-011434date:2023-08-22T05:33:00
db:CNNVDid:CNNVD-202205-3495date:2022-07-25T00:00:00
db:NVDid:CVE-2022-26768date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE
db:VULHUBid:VHN-417437date:2022-05-26T00:00:00
db:JVNDBid:JVNDB-2022-011434date:2023-08-22T00:00:00
db:PACKETSTORMid:167193date:2022-05-17T17:06:32
db:PACKETSTORMid:167786date:2022-07-22T16:22:17
db:PACKETSTORMid:167194date:2022-05-17T17:06:48
db:CNNVDid:CNNVD-202205-3495date:2022-05-16T00:00:00
db:NVDid:CVE-2022-26768date:2022-05-26T20:15:09.783