Sign-up

ID

VAR-202212-1249


CVE

CVE-2022-46697


TITLE

apple's  macOS  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-023808

DESCRIPTION

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges. apple's macOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-46697 // JVNDB: JVNDB-2022-023808 // VULHUB: VHN-447271 // VULMON: CVE-2022-46697

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:13.1

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:13.1

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-023808 // NVD: CVE-2022-46697

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-46697
value: HIGH

Trust: 1.0

NVD: CVE-2022-46697
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202212-3024
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-46697
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-46697
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023808 // CNNVD: CNNVD-202212-3024 // NVD: CVE-2022-46697

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-447271 // JVNDB: JVNDB-2022-023808 // NVD: CVE-2022-46697

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202212-3024

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202212-3024

PATCH

title:HT213532 Apple  Security updateurl:https://support.apple.com/en-us/HT213532

Trust: 0.8

sources: JVNDB: JVNDB-2022-023808

EXTERNAL IDS

db:NVDid:CVE-2022-46697

Trust: 3.4

db:JVNDBid:JVNDB-2022-023808

Trust: 0.8

db:CNNVDid:CNNVD-202212-3024

Trust: 0.6

db:VULHUBid:VHN-447271

Trust: 0.1

db:VULMONid:CVE-2022-46697

Trust: 0.1

sources: VULHUB: VHN-447271 // VULMON: CVE-2022-46697 // JVNDB: JVNDB-2022-023808 // CNNVD: CNNVD-202212-3024 // NVD: CVE-2022-46697

REFERENCES

url:http://seclists.org/fulldisclosure/2022/dec/23

Trust: 2.5

url:https://support.apple.com/en-us/ht213532

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-46697

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-46697/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-of-december-2022-40105

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-447271 // VULMON: CVE-2022-46697 // JVNDB: JVNDB-2022-023808 // CNNVD: CNNVD-202212-3024 // NVD: CVE-2022-46697

SOURCES

db:VULHUBid:VHN-447271
db:VULMONid:CVE-2022-46697
db:JVNDBid:JVNDB-2022-023808
db:CNNVDid:CNNVD-202212-3024
db:NVDid:CVE-2022-46697

LAST UPDATE DATE

2024-08-14T13:52:52.932000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-447271date:2022-12-21T00:00:00
db:VULMONid:CVE-2022-46697date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023808date:2023-11-30T03:02:00
db:CNNVDid:CNNVD-202212-3024date:2022-12-22T00:00:00
db:NVDid:CVE-2022-46697date:2022-12-21T14:26:49.630

SOURCES RELEASE DATE

db:VULHUBid:VHN-447271date:2022-12-15T00:00:00
db:VULMONid:CVE-2022-46697date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023808date:2023-11-30T00:00:00
db:CNNVDid:CNNVD-202212-3024date:2022-12-13T00:00:00
db:NVDid:CVE-2022-46697date:2022-12-15T19:15:26.523