Details of VAR-202207-1500

ID

VAR-202207-1500

CVE

CVE-2022-32825

TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018223

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained

Trust: 1.71

sources: NVD: CVE-2022-32825 // JVNDB: JVNDB-2022-018223 // VULHUB: VHN-424914

AFFECTED PRODUCTS

vendor:	apple	model:	watchos	scope:	lt	version:	8.7	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	15.6	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	15.6	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.6.8	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	15.6	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	12.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	12.0	Trust: 1.0
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	watchos	scope:	eq	version:	8.7	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-018223 // NVD: CVE-2022-32825

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-32825
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-32825
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202207-2082
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-32825
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-32825
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018223 // CNNVD: CNNVD-202207-2082 // NVD: CVE-2022-32825

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018223 // NVD: CVE-2022-32825

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2082

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-2082

PATCH

title:	HT213345 Apple Security update	url:	https://support.apple.com/en-us/HT213340	Trust: 0.8
title:	Multiple Apple product Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=209247	Trust: 0.6
title:	Apple: macOS Big Sur 11.6.8	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=46307825e8223bef6aa99c76dff503a5	Trust: 0.1
title:	Apple: iOS 15.6 and iPadOS 15.6	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a	Trust: 0.1
title:	Apple: macOS Monterey 12.5	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4	Trust: 0.1

sources: VULMON: CVE-2022-32825 // JVNDB: JVNDB-2022-018223 // CNNVD: CNNVD-202207-2082

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32825	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-018223	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3563	Trust: 0.6
db:	CS-HELP	id:	SB2022072107	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-2082	Trust: 0.6
db:	VULHUB	id:	VHN-424914	Trust: 0.1
db:	VULMON	id:	CVE-2022-32825	Trust: 0.1

sources: VULHUB: VHN-424914 // VULMON: CVE-2022-32825 // JVNDB: JVNDB-2022-018223 // CNNVD: CNNVD-202207-2082 // NVD: CVE-2022-32825

REFERENCES

url:	https://support.apple.com/en-us/ht213346	Trust: 2.3
url:	https://support.apple.com/en-us/ht213340	Trust: 1.7
url:	https://support.apple.com/en-us/ht213342	Trust: 1.7
url:	https://support.apple.com/en-us/ht213344	Trust: 1.7
url:	https://support.apple.com/en-us/ht213345	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32825	Trust: 0.8
url:	https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-32825/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3563	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072107	Trust: 0.6
url:	https://support.apple.com/kb/ht213344	Trust: 0.1

sources: VULHUB: VHN-424914 // VULMON: CVE-2022-32825 // JVNDB: JVNDB-2022-018223 // CNNVD: CNNVD-202207-2082 // NVD: CVE-2022-32825

SOURCES

db:	VULHUB	id:	VHN-424914
db:	VULMON	id:	CVE-2022-32825
db:	JVNDB	id:	JVNDB-2022-018223
db:	CNNVD	id:	CNNVD-202207-2082
db:	NVD	id:	CVE-2022-32825

LAST UPDATE DATE

2024-08-14T12:05:42.611000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-424914	date:	2023-01-09T00:00:00
db:	JVNDB	id:	JVNDB-2022-018223	date:	2023-10-19T04:40:00
db:	CNNVD	id:	CNNVD-202207-2082	date:	2022-09-28T00:00:00
db:	NVD	id:	CVE-2022-32825	date:	2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-424914	date:	2022-09-23T00:00:00
db:	JVNDB	id:	JVNDB-2022-018223	date:	2023-10-19T00:00:00
db:	CNNVD	id:	CNNVD-202207-2082	date:	2022-07-20T00:00:00
db:	NVD	id:	CVE-2022-32825	date:	2022-09-23T19:15:13.147