Lucene search

K
cvelistAppleCVELIST:CVE-2022-26765
HistoryMay 26, 2022 - 7:21 p.m.

CVE-2022-26765

2022-05-2619:21:18
apple
www.cve.org
9
race condition handling
watchos 8.6
tvos 15.5
macos monterey 12.4
ios 15.5
ipados 15.5
arbitrary read write capability
pointer authentication
malicious attacker

AI Score

5.8

Confidence

Low

EPSS

0

Percentile

15.7%

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

CNA Affected

[
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "8.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "15.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "12.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "15.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

AI Score

5.8

Confidence

Low

EPSS

0

Percentile

15.7%

Related for CVELIST:CVE-2022-26765