Details of VAR-202210-1474

ID

VAR-202210-1474

CVE

CVE-2022-32913

TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-022851

DESCRIPTION

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera. iOS , macOS , tvOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained

Trust: 1.71

sources: NVD: CVE-2022-32913 // JVNDB: JVNDB-2022-022851 // VULHUB: VHN-425002

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	gte	version:	12.0.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	12.6	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	16.0	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	9.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	16.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.7	Trust: 1.0
vendor:	アップル	model:	watchos	scope:	eq	version:	9.0	Trust: 0.8
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-022851 // NVD: CVE-2022-32913

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-32913
value:	LOW
Trust: 1.0
NVD:	CVE-2022-32913
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-202210-1628
value:	LOW
Trust: 0.6

nvd@nist.gov:	CVE-2022-32913
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2022-32913
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022851 // CNNVD: CNNVD-202210-1628 // NVD: CVE-2022-32913

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-022851 // NVD: CVE-2022-32913

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-1628

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-1628

PATCH

title:	HT213487 Apple Security update	url:	https://support.apple.com/en-us/HT213443	Trust: 0.8
title:	Apple macOS Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=212968	Trust: 0.6

sources: JVNDB: JVNDB-2022-022851 // CNNVD: CNNVD-202210-1628

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32913	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022851	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.5462	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5473	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5300	Trust: 0.6
db:	CNNVD	id:	CNNVD-202210-1628	Trust: 0.6
db:	VULHUB	id:	VHN-425002	Trust: 0.1

sources: VULHUB: VHN-425002 // JVNDB: JVNDB-2022-022851 // CNNVD: CNNVD-202210-1628 // NVD: CVE-2022-32913

REFERENCES

url:	https://support.apple.com/en-us/ht213488	Trust: 2.3
url:	https://support.apple.com/en-us/ht213443	Trust: 1.7
url:	https://support.apple.com/en-us/ht213444	Trust: 1.7
url:	https://support.apple.com/en-us/ht213446	Trust: 1.7
url:	https://support.apple.com/en-us/ht213486	Trust: 1.7
url:	https://support.apple.com/en-us/ht213487	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32913	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-32913/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5462	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5473	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5300	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-39702	Trust: 0.6

sources: VULHUB: VHN-425002 // JVNDB: JVNDB-2022-022851 // CNNVD: CNNVD-202210-1628 // NVD: CVE-2022-32913

SOURCES

db:	VULHUB	id:	VHN-425002
db:	JVNDB	id:	JVNDB-2022-022851
db:	CNNVD	id:	CNNVD-202210-1628
db:	NVD	id:	CVE-2022-32913

LAST UPDATE DATE

2024-08-14T12:09:57.416000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-425002	date:	2022-11-03T00:00:00
db:	JVNDB	id:	JVNDB-2022-022851	date:	2023-11-21T02:27:00
db:	CNNVD	id:	CNNVD-202210-1628	date:	2022-11-04T00:00:00
db:	NVD	id:	CVE-2022-32913	date:	2022-11-03T15:02:11.587

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-425002	date:	2022-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2022-022851	date:	2023-11-21T00:00:00
db:	CNNVD	id:	CNNVD-202210-1628	date:	2022-10-24T00:00:00
db:	NVD	id:	CVE-2022-32913	date:	2022-11-01T20:15:19.233