ID

VAR-202207-1486


CVE

CVE-2022-32828


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018215

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. Both Apple iOS and Apple iPadOS are products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple iOS versions prior to 15.6 and iPadOS versions prior to 15.6 have a security vulnerability that allows native apps to access sensitive information. iOS 15.6 and iPadOS 15.6

Trust: 1.8

sources: NVD: CVE-2022-32828 // JVNDB: JVNDB-2022-018215 // VULHUB: VHN-424917 // VULMON: CVE-2022-32828

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope:eqversion:15.6

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-018215 // NVD: CVE-2022-32828

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32828
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32828
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-2085
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32828
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32828
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018215 // CNNVD: CNNVD-202207-2085 // NVD: CVE-2022-32828

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018215 // NVD: CVE-2022-32828

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2085

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202207-2085

PATCH

title:HT213345 Apple  Security updateurl:https://support.apple.com/en-us/HT213342

Trust: 0.8

title:Multiple Apple product Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=209249

Trust: 0.6

title:Apple: iOS 15.6 and iPadOS 15.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a

Trust: 0.1

title:Apple: macOS Monterey 12.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4

Trust: 0.1

sources: VULMON: CVE-2022-32828 // JVNDB: JVNDB-2022-018215 // CNNVD: CNNVD-202207-2085

EXTERNAL IDS

db:NVDid:CVE-2022-32828

Trust: 3.4

db:JVNDBid:JVNDB-2022-018215

Trust: 0.8

db:CNNVDid:CNNVD-202207-2085

Trust: 0.7

db:AUSCERTid:ESB-2022.3559

Trust: 0.6

db:CS-HELPid:SB2022072107

Trust: 0.6

db:VULHUBid:VHN-424917

Trust: 0.1

db:VULMONid:CVE-2022-32828

Trust: 0.1

sources: VULHUB: VHN-424917 // VULMON: CVE-2022-32828 // JVNDB: JVNDB-2022-018215 // CNNVD: CNNVD-202207-2085 // NVD: CVE-2022-32828

REFERENCES

url:https://support.apple.com/en-us/ht213346

Trust: 2.3

url:https://support.apple.com/en-us/ht213342

Trust: 1.7

url:https://support.apple.com/en-us/ht213345

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32828

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.3559

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-32828/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072107

Trust: 0.6

url:https://support.apple.com/kb/ht213346

Trust: 0.1

sources: VULHUB: VHN-424917 // VULMON: CVE-2022-32828 // JVNDB: JVNDB-2022-018215 // CNNVD: CNNVD-202207-2085 // NVD: CVE-2022-32828

SOURCES

db:VULHUBid:VHN-424917
db:VULMONid:CVE-2022-32828
db:JVNDBid:JVNDB-2022-018215
db:CNNVDid:CNNVD-202207-2085
db:NVDid:CVE-2022-32828

LAST UPDATE DATE

2024-08-14T12:35:11.309000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424917date:2023-01-09T00:00:00
db:JVNDBid:JVNDB-2022-018215date:2023-10-19T03:21:00
db:CNNVDid:CNNVD-202207-2085date:2022-09-28T00:00:00
db:NVDid:CVE-2022-32828date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:VULHUBid:VHN-424917date:2022-09-23T00:00:00
db:JVNDBid:JVNDB-2022-018215date:2023-10-19T00:00:00
db:CNNVDid:CNNVD-202207-2085date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32828date:2022-09-23T19:15:13.240