ID

VAR-202207-1445


CVE

CVE-2022-32818


TITLE

apple's  macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018232

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state. apple's macOS Exists in unspecified vulnerabilities.Information may be obtained. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. Apple macOS Monterey prior to 12.5 has a buffer overflow vulnerability that allows local users to access potentially sensitive information. Install updates from the vendor's website. No detailed vulnerability details were provided at this time

Trust: 1.8

sources: NVD: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // VULHUB: VHN-424907 // VULMON: CVE-2022-32818

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:12.0 that's all 12.5

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // NVD: CVE-2022-32818

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32818
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32818
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-2007
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32818
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32818
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018232 // NVD: CVE-2022-32818

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2007

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-2007

PATCH

title:HT213345 Apple  Security updateurl:https://support.apple.com/en-us/HT213345

Trust: 0.8

title:Apple macOS Monterey Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=209232

Trust: 0.6

title:Apple: macOS Monterey 12.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4

Trust: 0.1

sources: VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007

EXTERNAL IDS

db:NVDid:CVE-2022-32818

Trust: 3.4

db:JVNDBid:JVNDB-2022-018232

Trust: 0.8

db:CS-HELPid:SB2022072101

Trust: 0.6

db:AUSCERTid:ESB-2022.3559

Trust: 0.6

db:CNNVDid:CNNVD-202207-2007

Trust: 0.6

db:CNVDid:CNVD-2022-71989

Trust: 0.1

db:VULHUBid:VHN-424907

Trust: 0.1

db:VULMONid:CVE-2022-32818

Trust: 0.1

sources: VULHUB: VHN-424907 // VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

REFERENCES

url:https://support.apple.com/en-us/ht213345

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-32818

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.3559

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072101

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-32818/

Trust: 0.6

url:https://support.apple.com/kb/ht213345

Trust: 0.1

sources: VULHUB: VHN-424907 // VULMON: CVE-2022-32818 // JVNDB: JVNDB-2022-018232 // CNNVD: CNNVD-202207-2007 // NVD: CVE-2022-32818

SOURCES

db:VULHUBid:VHN-424907
db:VULMONid:CVE-2022-32818
db:JVNDBid:JVNDB-2022-018232
db:CNNVDid:CNNVD-202207-2007
db:NVDid:CVE-2022-32818

LAST UPDATE DATE

2024-08-14T12:33:11.234000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424907date:2022-09-27T00:00:00
db:JVNDBid:JVNDB-2022-018232date:2023-10-19T04:59:00
db:CNNVDid:CNNVD-202207-2007date:2022-09-28T00:00:00
db:NVDid:CVE-2022-32818date:2022-09-27T18:26:48.903

SOURCES RELEASE DATE

db:VULHUBid:VHN-424907date:2022-09-23T00:00:00
db:JVNDBid:JVNDB-2022-018232date:2023-10-19T00:00:00
db:CNNVDid:CNNVD-202207-2007date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32818date:2022-09-23T19:15:12.923