ID

VAR-202207-1488


CVE

CVE-2022-32824


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-020310

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. iPadOS , iOS , tvOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. iOS 15.6 and iPadOS 15.6

Trust: 1.8

sources: NVD: CVE-2022-32824 // JVNDB: JVNDB-2022-020310 // VULHUB: VHN-424913 // VULMON: CVE-2022-32824

AFFECTED PRODUCTS

vendor:applemodel:watchosscope:ltversion:8.7

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:アップルmodel:watchosscope:eqversion:8.7

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020310 // NVD: CVE-2022-32824

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32824
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32824
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-2075
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32824
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32824
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020310 // CNNVD: CNNVD-202207-2075 // NVD: CVE-2022-32824

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-020310 // NVD: CVE-2022-32824

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2075

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202207-2075

PATCH

title:HT213342 Apple  Security updateurl:https://support.apple.com/en-us/HT213340

Trust: 0.8

title:Apple iOS and iPadOS Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=200832

Trust: 0.6

title:Apple: iOS 15.6 and iPadOS 15.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a

Trust: 0.1

sources: VULMON: CVE-2022-32824 // JVNDB: JVNDB-2022-020310 // CNNVD: CNNVD-202207-2075

EXTERNAL IDS

db:NVDid:CVE-2022-32824

Trust: 3.4

db:JVNDBid:JVNDB-2022-020310

Trust: 0.8

db:AUSCERTid:ESB-2022.3563

Trust: 0.6

db:CS-HELPid:SB2022072107

Trust: 0.6

db:CNNVDid:CNNVD-202207-2075

Trust: 0.6

db:VULHUBid:VHN-424913

Trust: 0.1

db:VULMONid:CVE-2022-32824

Trust: 0.1

sources: VULHUB: VHN-424913 // VULMON: CVE-2022-32824 // JVNDB: JVNDB-2022-020310 // CNNVD: CNNVD-202207-2075 // NVD: CVE-2022-32824

REFERENCES

url:https://support.apple.com/en-us/ht213346

Trust: 2.3

url:https://support.apple.com/en-us/ht213340

Trust: 1.7

url:https://support.apple.com/en-us/ht213342

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32824

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-32824/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-38878

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3563

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072107

Trust: 0.6

url:https://support.apple.com/kb/ht213346

Trust: 0.1

sources: VULHUB: VHN-424913 // VULMON: CVE-2022-32824 // JVNDB: JVNDB-2022-020310 // CNNVD: CNNVD-202207-2075 // NVD: CVE-2022-32824

SOURCES

db:VULHUBid:VHN-424913
db:VULMONid:CVE-2022-32824
db:JVNDBid:JVNDB-2022-020310
db:CNNVDid:CNNVD-202207-2075
db:NVDid:CVE-2022-32824

LAST UPDATE DATE

2024-08-14T12:54:07.820000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424913date:2023-03-08T00:00:00
db:JVNDBid:JVNDB-2022-020310date:2023-11-01T07:23:00
db:CNNVDid:CNNVD-202207-2075date:2023-03-09T00:00:00
db:NVDid:CVE-2022-32824date:2023-03-08T14:36:50.060

SOURCES RELEASE DATE

db:VULHUBid:VHN-424913date:2023-02-27T00:00:00
db:JVNDBid:JVNDB-2022-020310date:2023-11-01T00:00:00
db:CNNVDid:CNNVD-202207-2075date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32824date:2023-02-27T20:15:11.547