Details of VAR-202207-1445

ID

VAR-202207-1445

CVE

CVE-2022-32818

TITLE

apple's macOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018232

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state. apple's macOS Exists in unspecified vulnerabilities.Information may be obtained. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. Apple macOS Monterey prior to 12.5 has a buffer overflow vulnerability that allows local users to access potentially sensitive information. Install updates from the vendor's website. No detailed vulnerability details were provided at this time

Trust: 1.8

sources: NVD: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // VULHUB: VHN-424907 // VULMON: CVE-2022-32818

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	lt	version:	12.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	12.0	Trust: 1.0
vendor:	アップル	model:	macos	scope:	eq	version:	12.0 that's all 12.5	Trust: 0.8
vendor:	アップル	model:	macos	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // NVD: CVE-2022-32818

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-32818
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-32818
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202207-2007
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-32818
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-32818
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // NVD: CVE-2022-32818

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2007

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-2007

PATCH

title:	HT213345 Apple Security update	url:	https://support.apple.com/en-us/HT213345	Trust: 0.8
title:	Apple macOS Monterey Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=209232	Trust: 0.6
title:	Apple: macOS Monterey 12.5	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4	Trust: 0.1

sources: VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32818	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-018232	Trust: 0.8
db:	CS-HELP	id:	SB2022072101	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3559	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-2007	Trust: 0.6
db:	CNVD	id:	CNVD-2022-71989	Trust: 0.1
db:	VULHUB	id:	VHN-424907	Trust: 0.1
db:	VULMON	id:	CVE-2022-32818	Trust: 0.1

sources: VULHUB: VHN-424907 // VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

REFERENCES

url:	https://support.apple.com/en-us/ht213345	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32818	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2022.3559	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072101	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-32818/	Trust: 0.6
url:	https://support.apple.com/kb/ht213345	Trust: 0.1

sources: VULHUB: VHN-424907 // VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

SOURCES

db:	VULHUB	id:	VHN-424907
db:	VULMON	id:	CVE-2022-32818
db:	JVNDB	id:	JVNDB-2022-018232
db:	CNNVD	id:	CNNVD-202207-2007
db:	NVD	id:	CVE-2022-32818

LAST UPDATE DATE

2024-08-14T12:33:11.234000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-424907	date:	2022-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2022-018232	date:	2023-10-19T04:59:00
db:	CNNVD	id:	CNNVD-202207-2007	date:	2022-09-28T00:00:00
db:	NVD	id:	CVE-2022-32818	date:	2022-09-27T18:26:48.903

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-424907	date:	2022-09-23T00:00:00
db:	JVNDB	id:	JVNDB-2022-018232	date:	2023-10-19T00:00:00
db:	CNNVD	id:	CNNVD-202207-2007	date:	2022-07-20T00:00:00
db:	NVD	id:	CVE-2022-32818	date:	2022-09-23T19:15:12.923