Sign-up

ID

VAR-202207-1493


CVE

CVE-2022-32837


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-017313

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory. iPadOS , iOS , Apple Mac OS X Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. iOS 15.6 and iPadOS 15.6

Trust: 1.8

sources: NVD: CVE-2022-32837 // JVNDB: JVNDB-2022-017313 // VULHUB: VHN-424926 // VULMON: CVE-2022-32837

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope:eqversion:15.6

Trust: 0.8

sources: JVNDB: JVNDB-2022-017313 // NVD: CVE-2022-32837

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32837
value: HIGH

Trust: 1.0

NVD: CVE-2022-32837
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202207-2059
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-32837
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-32837
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-017313 // CNNVD: CNNVD-202207-2059 // NVD: CVE-2022-32837

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-017313 // NVD: CVE-2022-32837

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2059

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-2059

PATCH

title:HT213346 Apple  Security updateurl:https://support.apple.com/en-us/HT213342

Trust: 0.8

title:Apple iOS and iPadOS Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=206029

Trust: 0.6

title:Apple: iOS 15.6 and iPadOS 15.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a

Trust: 0.1

title:Apple: macOS Monterey 12.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4

Trust: 0.1

sources: VULMON: CVE-2022-32837 // JVNDB: JVNDB-2022-017313 // CNNVD: CNNVD-202207-2059

EXTERNAL IDS

db:NVDid:CVE-2022-32837

Trust: 3.4

db:JVNDBid:JVNDB-2022-017313

Trust: 0.8

db:AUSCERTid:ESB-2022.3559

Trust: 0.6

db:CS-HELPid:SB2022072107

Trust: 0.6

db:CNNVDid:CNNVD-202207-2059

Trust: 0.6

db:VULHUBid:VHN-424926

Trust: 0.1

db:VULMONid:CVE-2022-32837

Trust: 0.1

sources: VULHUB: VHN-424926 // VULMON: CVE-2022-32837 // JVNDB: JVNDB-2022-017313 // CNNVD: CNNVD-202207-2059 // NVD: CVE-2022-32837

REFERENCES

url:https://support.apple.com/en-us/ht213346

Trust: 2.3

url:https://support.apple.com/kb/ht213343

Trust: 1.7

url:https://support.apple.com/en-us/ht213342

Trust: 1.7

url:https://support.apple.com/en-us/ht213345

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32837

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-32837/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3559

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072107

Trust: 0.6

url:https://support.apple.com/kb/ht213346

Trust: 0.1

sources: VULHUB: VHN-424926 // VULMON: CVE-2022-32837 // JVNDB: JVNDB-2022-017313 // CNNVD: CNNVD-202207-2059 // NVD: CVE-2022-32837

SOURCES

db:VULHUBid:VHN-424926
db:VULMONid:CVE-2022-32837
db:JVNDBid:JVNDB-2022-017313
db:CNNVDid:CNNVD-202207-2059
db:NVDid:CVE-2022-32837

LAST UPDATE DATE

2024-08-14T13:07:43.731000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424926date:2022-10-01T00:00:00
db:JVNDBid:JVNDB-2022-017313date:2023-10-12T06:15:00
db:CNNVDid:CNNVD-202207-2059date:2022-09-19T00:00:00
db:NVDid:CVE-2022-32837date:2022-10-01T02:32:09.153

SOURCES RELEASE DATE

db:VULHUBid:VHN-424926date:2022-08-24T00:00:00
db:JVNDBid:JVNDB-2022-017313date:2023-10-12T00:00:00
db:CNNVDid:CNNVD-202207-2059date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32837date:2022-08-24T20:15:08.920