Lucene search

K
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.APPLE_IOS_16_CHECK.NBIN
HistorySep 15, 2022 - 12:00 a.m.

Apple iOS < 16 Multiple Vulnerabilities (HT213446)

2022-09-1500:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
53

The version of Apple iOS running on the mobile device is prior to 16. It is, therefore, affected by multiple vulnerabilities:

  • Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32886)

  • An app may be able to disclose kernel memory (CVE-2022-32864)

  • An app may be able to execute arbitrary code with kernel privilege (CVE-2022-32911)

  • An application may be able to execute arbitrary code with kernel privileges (CVE-2022-32917)

  • A user may be able to elevate privileges (CVE-2022-32908)

  • Visiting a malicious website may lead to address bar spoofing (CVE-2022-32795)

  • An app may be able to bypass Privacy preferences (CVE-2022-32854)

  • Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32912)

  • A website may be able to track users through Safari web extensions (CVE-2022-32868)

  • A person with physical access to an iOS device may be able to access photos from the lock screen (CVE-2022-32872)

  • An app may be able to read sensitive location information (CVE-2022-32883)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

Binary data apple_ios_16_check.nbin
VendorProductVersion
appleiphone_os

References