Lucene search

K
cve[email protected]CVE-2022-32925
HistoryNov 01, 2022 - 8:15 p.m.

CVE-2022-32925

2022-11-0120:15:19
CWE-787
web.nvd.nist.gov
27
cve-2022-32925
nvd
security
bounds checking
system termination
kernel memory

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory.

Affected configurations

NVD
Node
appleiphone_osRange<16.0
OR
appletvosRange<16.0
OR
applewatchosRange<9.0

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "16",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "9",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "16",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

Related for CVE-2022-32925