Sign-up

ID

VAR-202207-1501


CVE

CVE-2022-32826


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018217

DESCRIPTION

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges. iPadOS , iOS , Apple Mac OS X Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-32826 // JVNDB: JVNDB-2022-018217 // VULHUB: VHN-424915

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:8.7

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:8.7

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-018217 // NVD: CVE-2022-32826

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32826
value: HIGH

Trust: 1.0

NVD: CVE-2022-32826
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202207-2078
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-32826
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-32826
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018217 // CNNVD: CNNVD-202207-2078 // NVD: CVE-2022-32826

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018217 // NVD: CVE-2022-32826

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2078

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202207-2078

PATCH

title:HT213345 Apple  Security updateurl:https://support.apple.com/en-us/HT213340

Trust: 0.8

title:Multiple Apple product Fixes for permissions and access control issues vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=208994

Trust: 0.6

title:Apple: macOS Big Sur 11.6.8url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=46307825e8223bef6aa99c76dff503a5

Trust: 0.1

title:Apple: iOS 15.6 and iPadOS 15.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=25de7f37f4830a629a57f79175aeaa2a

Trust: 0.1

title:Apple: macOS Monterey 12.5url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c765c13fa342a7957a4e91e6dc3d34f4

Trust: 0.1

title:Apple: Security Update 2022-005 Catalinaurl:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=b71ee1a3b689c178ee5a5bc823295063

Trust: 0.1

sources: VULMON: CVE-2022-32826 // JVNDB: JVNDB-2022-018217 // CNNVD: CNNVD-202207-2078

EXTERNAL IDS

db:NVDid:CVE-2022-32826

Trust: 3.4

db:JVNDBid:JVNDB-2022-018217

Trust: 0.8

db:AUSCERTid:ESB-2022.3563

Trust: 0.6

db:CS-HELPid:SB2022072107

Trust: 0.6

db:CNNVDid:CNNVD-202207-2078

Trust: 0.6

db:VULHUBid:VHN-424915

Trust: 0.1

db:VULMONid:CVE-2022-32826

Trust: 0.1

sources: VULHUB: VHN-424915 // VULMON: CVE-2022-32826 // JVNDB: JVNDB-2022-018217 // CNNVD: CNNVD-202207-2078 // NVD: CVE-2022-32826

REFERENCES

url:https://support.apple.com/en-us/ht213346

Trust: 2.3

url:https://support.apple.com/en-us/ht213340

Trust: 1.7

url:https://support.apple.com/en-us/ht213342

Trust: 1.7

url:https://support.apple.com/en-us/ht213343

Trust: 1.7

url:https://support.apple.com/en-us/ht213344

Trust: 1.7

url:https://support.apple.com/en-us/ht213345

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32826

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-32826/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-12-multiple-vulnerabilities-38873

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3563

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072107

Trust: 0.6

url:https://support.apple.com/kb/ht213344

Trust: 0.1

sources: VULHUB: VHN-424915 // VULMON: CVE-2022-32826 // JVNDB: JVNDB-2022-018217 // CNNVD: CNNVD-202207-2078 // NVD: CVE-2022-32826

SOURCES

db:VULHUBid:VHN-424915
db:VULMONid:CVE-2022-32826
db:JVNDBid:JVNDB-2022-018217
db:CNNVDid:CNNVD-202207-2078
db:NVDid:CVE-2022-32826

LAST UPDATE DATE

2024-08-14T13:10:54.832000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424915date:2023-01-09T00:00:00
db:JVNDBid:JVNDB-2022-018217date:2023-10-19T03:23:00
db:CNNVDid:CNNVD-202207-2078date:2022-09-28T00:00:00
db:NVDid:CVE-2022-32826date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:VULHUBid:VHN-424915date:2022-09-23T00:00:00
db:JVNDBid:JVNDB-2022-018217date:2023-10-19T00:00:00
db:CNNVDid:CNNVD-202207-2078date:2022-07-20T00:00:00
db:NVDid:CVE-2022-32826date:2022-09-23T19:15:13.193