Lucene search
HistoryDec 15, 2022 - 7:15 p.m.
CVE-2022-42849
access issue
api calls
ios 16.2
privileged
elevate privileges
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
38.6%
An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges.
Affected configurations
Node
appleipadosRange<16.2
ORappleiphone_osRange<16.2
ORappletvosRange<16.2
ORapplewatchosRange<9.2
Related
cve
cve
CVE-2022-42849
2022-12-15 19:15:24
prion
prion
Design/Logic Flaw
2022-12-15 19:15:00
cvelist
cvelist
CVE-2022-42849
2022-12-15 00:00:00
apple
apple
About the security content of tvOS 16.2
2022-12-13 00:00:00
About the security content of watchOS 9.2
2022-12-13 00:00:00
About the security content of iOS 16.2 and iPadOS 16.2
2022-12-13 00:00:00
nessus
nessus
Apple TV < 16.2 Multiple Vulnerabilities (HT213535)
2023-01-06 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
38.6%
Related for NVD:CVE-2022-42849