CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
30.9%
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. A sandboxed app may be able to determine which app is currently using the camera.
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "13.3",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "16.4",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "watchOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "9.4",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "15.7",
"versionType": "custom"
}
]
}
]