ID

VAR-202211-0019


CVE

CVE-2022-32889


TITLE

apple's  iOS  and  watchOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-022783

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. apple's iOS and watchOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-32889 // JVNDB: JVNDB-2022-022783 // VULHUB: VHN-424978

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.0

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:9.0

Trust: 1.0

vendor:アップルmodel:watchosscope:eqversion:9.0

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-022783 // NVD: CVE-2022-32889

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32889
value: HIGH

Trust: 1.0

NVD: CVE-2022-32889
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202211-1878
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-32889
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-32889
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-022783 // CNNVD: CNNVD-202211-1878 // NVD: CVE-2022-32889

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-022783 // NVD: CVE-2022-32889

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202211-1878

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202211-1878

PATCH

title:HT213446 Apple  Security updateurl:https://support.apple.com/en-us/HT213446

Trust: 0.8

title:Apple watchOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=213022

Trust: 0.6

sources: JVNDB: JVNDB-2022-022783 // CNNVD: CNNVD-202211-1878

EXTERNAL IDS

db:NVDid:CVE-2022-32889

Trust: 3.3

db:JVNDBid:JVNDB-2022-022783

Trust: 0.8

db:AUSCERTid:ESB-2022.5473

Trust: 0.6

db:CNNVDid:CNNVD-202211-1878

Trust: 0.6

db:VULHUBid:VHN-424978

Trust: 0.1

sources: VULHUB: VHN-424978 // JVNDB: JVNDB-2022-022783 // CNNVD: CNNVD-202211-1878 // NVD: CVE-2022-32889

REFERENCES

url:https://support.apple.com/en-us/ht213446

Trust: 1.7

url:https://support.apple.com/en-us/ht213486

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32889

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.5473

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-32889/

Trust: 0.6

sources: VULHUB: VHN-424978 // JVNDB: JVNDB-2022-022783 // CNNVD: CNNVD-202211-1878 // NVD: CVE-2022-32889

SOURCES

db:VULHUBid:VHN-424978
db:JVNDBid:JVNDB-2022-022783
db:CNNVDid:CNNVD-202211-1878
db:NVDid:CVE-2022-32889

LAST UPDATE DATE

2024-08-14T13:16:17.166000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424978date:2022-11-03T00:00:00
db:JVNDBid:JVNDB-2022-022783date:2023-11-21T00:42:00
db:CNNVDid:CNNVD-202211-1878date:2022-11-04T00:00:00
db:NVDid:CVE-2022-32889date:2022-11-03T15:18:32.870

SOURCES RELEASE DATE

db:VULHUBid:VHN-424978date:2022-11-01T00:00:00
db:JVNDBid:JVNDB-2022-022783date:2023-11-21T00:00:00
db:CNNVDid:CNNVD-202211-1878date:2022-11-01T00:00:00
db:NVDid:CVE-2022-32889date:2022-11-01T20:15:18.693