Lucene search
HistoryDec 15, 2022 - 7:15 p.m.
CVE-2022-46694
ios
ipados
tvos
watchos
kernel code execution
video file
input validation
cve-2022-46694
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.8%
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
Affected configurations
Node
appleipadosRange<15.7.2
ORappleipadosRange16.0–16.2
ORappleiphone_osRange<15.7.2
ORappleiphone_osRange16.0–16.2
ORappletvosRange<16.2
ORapplewatchosRange<9.2
Related
cve
cve
CVE-2022-46694
2022-12-15 19:15:26
prion
prion
Input validation
2022-12-15 19:15:00
cvelist
cvelist
CVE-2022-46694
2022-12-15 00:00:00
apple
apple
About the security content of iOS 15.7.2 and iPadOS 15.7.2
2022-12-13 00:00:00
About the security content of tvOS 16.2
2022-12-13 00:00:00
About the security content of watchOS 9.2
2022-12-13 00:00:00
nessus
nessus
Apple TV < 16.2 Multiple Vulnerabilities (HT213535)
2023-01-06 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.8%
Related for NVD:CVE-2022-46694