ID

VAR-202207-1494


CVE

CVE-2022-32816


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018236

DESCRIPTION

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be tampered with. Both Apple iOS and Apple iPadOS are products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple iOS versions prior to 15.6 and iPadOS versions prior to 15.6 have an input validation error vulnerability. The vulnerability stems from incorrect processing of user-provided data in WebKit. Attackers can exploit this vulnerability to allow users to visit websites containing malicious content, which may cause UI cheat. iOS 15.6 and iPadOS 15.6. For the stable distribution (bullseye), these problems have been fixed in version 2.36.6-1~deb11u1. We recommend that you upgrade your wpewebkit packages. Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-07-20-5 tvOS 15.6 tvOS 15.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213342. APFS Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32832: Tommy Muir (@Muirey03) AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote user may be able to cause kernel code execution Description: A buffer overflow issue was addressed with improved bounds checking. CVE-2022-32788: Natalie Silvanovich of Google Project Zero AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom) AppleMobileFileIntegrity Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management. CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro Audio Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820: an anonymous researcher Audio Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32825: John Aakerblom (@jaakerblom) CoreMedia Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom) CoreText Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32839: STAR Labs (@starlabs_sg) File System Events Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2022-32819: Joshua Mason of Mandiant GPU Drivers Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to disclose kernel memory Description: Multiple out-of-bounds write issues were addressed with improved bounds checking. CVE-2022-32793: an anonymous researcher GPU Drivers Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-32821: John Aakerblom (@jaakerblom) iCloud Photo Library Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to access sensitive user information Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2022-32849: Joshua Jones ICU Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-32841: hjy79425575 ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A logic issue was addressed with improved checks. CVE-2022-32802: Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t) ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32830: Ye Zhang (@co0py_Cat) of Baidu Security Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32813: Xinru Chi of Pangu Lab CVE-2022-32815: Xinru Chi of Pangu Lab Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32817: Xinru Chi of Pangu Lab Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved state management. CVE-2022-32844: Sreejith Krishnan R (@skr0x1c0) Liblouis Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn) libxml2 Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to leak sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-32823 Multi-Touch Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved checks. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927) Software Update Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network. CVE-2022-32857: Jeffrey Paul (sneak.berlin) WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 239316 CVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. WebKit Bugzilla: 240720 CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative Wi-Fi Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks. CVE-2022-32837: Wang Yu of Cyberserval Wi-Fi Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks. CVE-2022-32847: Wang Yu of Cyberserval Additional recognition 802.1X We would like to acknowledge Shin Sun of National Taiwan University for their assistance. AppleMobileFileIntegrity We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. configd We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYeuUACgkQeC9qKD1p rhgqhA//RvdwRWv4x9V+fyJIcdfoFcXnJ/E5rxv6BQjpWnVcFRa/QKVU5lu7AbMk g6R+txpMiG1JAMqAB4oySZMtlxg0RVjCK3vBRy6v61uhBM5IgupHVZeXRVdYNGlJ yitKP7fFbYBuZ9+wcXNE8zeKpF+dUsz0T6CNh4bo6kStyBH5RqpWdPmX5XBtwwf7 /czmfRLrhqcWdhkXJ99yN+836TFtqnUDddJRCx0DRXLYuZCXTe2QwqY6F7d+JrCO P5XN3WntDeYZ6Yn7OK4a1KWdQ9DaKfbpVU/3iC5gFbwLkejzt7rk7QohxetWPooK kD6VMT+lnAS6jDqlLqnb+JLZKM353VQEW5lvLs2/UO0IqP/dSAJwHopikooKPcs+ KegPiZ8O9OEiYBuVAXZiGgQYFhx3eFu+BWoSSsX3JVSsYPQE1ehF8wy5PbjpK9ru 7/s9ZpOpl0rTiBUxMc/yTZbJ2BBZf9lMCykhciQ5wZC5tmfELFnhszQEiBM9mN3K ea5jRTobOq8gU/nb4AZbnVFMJ+gX60w8ZlvGI+E+bnEZq+tBlXFHMZ63avjsYarQ D+2Gs4FtmeAEc7/vJ8RY3RI4mqu+9rMaxniPjsLCY8Kl5OvSYJrbs4YL+dqxe7Mp 20mn2COHtyFEEOoh+NVY1XuzSoDX4TeDBxpuqH5l9MV4TMFUh4M= =i68Z -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2022-32816 // JVNDB: JVNDB-2022-018236 // VULHUB: VHN-424905 // VULMON: CVE-2022-32816 // PACKETSTORM: 169303 // PACKETSTORM: 167791 // PACKETSTORM: 167790 // PACKETSTORM: 169348

AFFECTED PRODUCTS

vendor:applemodel:watchosscope:ltversion:8.7

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:8.7

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-018236 // NVD: CVE-2022-32816

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32816
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32816
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-2064
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32816
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32816
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018236 // CNNVD: CNNVD-202207-2064 // NVD: CVE-2022-32816

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018236 // NVD: CVE-2022-32816

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202207-2064

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202207-2064

PATCH

title:HT213345 Apple  Security updateurl:https://support.apple.com/en-us/HT213340

Trust: 0.8

title:Multiple Apple product Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=208991

Trust: 0.6

title:Apple: iOS 15.6 and iPadOS 15.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a

Trust: 0.1

title:Apple: macOS Monterey 12.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4

Trust: 0.1

sources: VULMON: CVE-2022-32816 // JVNDB: JVNDB-2022-018236 // CNNVD: CNNVD-202207-2064

EXTERNAL IDS

db:NVDid:CVE-2022-32816

Trust: 3.8

db:PACKETSTORMid:167790

Trust: 0.8

db:JVNDBid:JVNDB-2022-018236

Trust: 0.8

db:PACKETSTORMid:169348

Trust: 0.7

db:AUSCERTid:ESB-2022.4083

Trust: 0.6

db:AUSCERTid:ESB-2022.4258

Trust: 0.6

db:AUSCERTid:ESB-2022.3563

Trust: 0.6

db:AUSCERTid:ESB-2022.4061

Trust: 0.6

db:CS-HELPid:SB2022072107

Trust: 0.6

db:CNNVDid:CNNVD-202207-2064

Trust: 0.6

db:PACKETSTORMid:167791

Trust: 0.2

db:CNVDid:CNVD-2022-71998

Trust: 0.1

db:VULHUBid:VHN-424905

Trust: 0.1

db:VULMONid:CVE-2022-32816

Trust: 0.1

db:PACKETSTORMid:169303

Trust: 0.1

sources: VULHUB: VHN-424905 // VULMON: CVE-2022-32816 // JVNDB: JVNDB-2022-018236 // PACKETSTORM: 169303 // PACKETSTORM: 167791 // PACKETSTORM: 167790 // PACKETSTORM: 169348 // CNNVD: CNNVD-202207-2064 // NVD: CVE-2022-32816

REFERENCES

url:https://support.apple.com/en-us/ht213346

Trust: 2.3

url:https://support.apple.com/en-us/ht213340

Trust: 1.7

url:https://support.apple.com/en-us/ht213342

Trust: 1.7

url:https://support.apple.com/en-us/ht213345

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32816

Trust: 1.2

url:https://cxsecurity.com/cveshow/cve-2022-32816/

Trust: 0.6

url:https://packetstormsecurity.com/files/169348/debian-security-advisory-5210-1.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4061

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4083

Trust: 0.6

url:https://vigilance.fr/vulnerability/webkitgtk-wpe-webkit-two-vulnerabilities-38963

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3563

Trust: 0.6

url:https://packetstormsecurity.com/files/167790/apple-security-advisory-2022-07-20-5.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072107

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4258

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-32792

Trust: 0.4

url:https://www.debian.org/security/faq

Trust: 0.2

url:https://www.debian.org/security/

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32788

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32814

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32817

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32793

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-26981

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32821

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32820

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32819

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32813

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32815

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32787

Trust: 0.2

url:https://support.apple.com/en-us/ht201222.

Trust: 0.2

url:https://support.apple.com/kb/ht213346

Trust: 0.1

url:https://security-tracker.debian.org/tracker/wpewebkit

Trust: 0.1

url:https://support.apple.com/ht213340.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32810

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://support.apple.com/ht213342.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32802

Trust: 0.1

url:https://security-tracker.debian.org/tracker/webkit2gtk

Trust: 0.1

sources: VULHUB: VHN-424905 // VULMON: CVE-2022-32816 // JVNDB: JVNDB-2022-018236 // PACKETSTORM: 169303 // PACKETSTORM: 167791 // PACKETSTORM: 167790 // PACKETSTORM: 169348 // CNNVD: CNNVD-202207-2064 // NVD: CVE-2022-32816

CREDITS

Debian

Trust: 0.2

sources: PACKETSTORM: 169303 // PACKETSTORM: 169348

SOURCES

db:VULHUBid:VHN-424905
db:VULMONid:CVE-2022-32816
db:JVNDBid:JVNDB-2022-018236
db:PACKETSTORMid:169303
db:PACKETSTORMid:167791
db:PACKETSTORMid:167790
db:PACKETSTORMid:169348
db:CNNVDid:CNNVD-202207-2064
db:NVDid:CVE-2022-32816

LAST UPDATE DATE

2024-08-14T12:07:13.968000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424905date:2023-01-09T00:00:00
db:JVNDBid:JVNDB-2022-018236date:2023-10-19T05:04:00
db:CNNVDid:CNNVD-202207-2064date:2022-12-09T00:00:00
db:NVDid:CVE-2022-32816date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:VULHUBid:VHN-424905date:2022-09-23T00:00:00
db:JVNDBid:JVNDB-2022-018236date:2023-10-19T00:00:00
db:PACKETSTORMid:169303date:2022-08-28T19:12:00
db:PACKETSTORMid:167791date:2022-07-22T16:24:29
db:PACKETSTORMid:167790date:2022-07-22T16:24:11
db:PACKETSTORMid:169348date:2022-08-28T19:12:00
db:CNNVDid:CNNVD-202207-2064date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32816date:2022-09-23T19:15:12.837