The version of Apple iOS running on the mobile device is prior to 15.7. It is, therefore, affected by multiple vulnerabilities:
Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32886)
An app may be able to disclose kernel memory (CVE-2022-32864)
An app may be able to execute arbitrary code with kernel privilege (CVE-2022-32911)
An application may be able to execute arbitrary code with kernel privileges (CVE-2022-32917)
A user may be able to elevate privileges (CVE-2022-32908)
Visiting a malicious website may lead to address bar spoofing (CVE-2022-32795)
An app may be able to bypass Privacy preferences (CVE-2022-32854)
Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32912)
A website may be able to track users through Safari web extensions (CVE-2022-32868)
A person with physical access to an iOS device may be able to access photos from the lock screen (CVE-2022-32872)
An app may be able to read sensitive location information (CVE-2022-32883)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
Binary data apple_ios_157_check.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32868
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32883
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32908
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32917
support.apple.com/en-ie/HT213445