Lucene search
HistoryDec 15, 2022 - 7:15 p.m.
CVE-2022-46701
bounds checks
ios
ipados
macos ventura
tvos
arbitrary code execution
kernel privileges
malicious nfs server
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
14.2%
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.
Affected configurations
Node
appleipadosRange16.0–16.2
ORappleiphone_osRange16.0–16.2
ORapplemacosRange13.0–13.1
ORappletvosRange<16.2
Related
cvelist
cvelist
CVE-2022-46701
2022-12-15 00:00:00
cve
cve
CVE-2022-46701
2022-12-15 19:15:26
prion
prion
Default credentials
2022-12-15 19:15:00
apple
apple
About the security content of tvOS 16.2
2022-12-13 00:00:00
About the security content of macOS Big Sur 11.7
2022-09-12 00:00:00
About the security content of macOS Monterey 12.6
2022-09-12 00:00:00
nessus
nessus
Apple TV < 16.2 Multiple Vulnerabilities (HT213535)
2023-01-06 00:00:00
macOS 12.x < 12.6 Multiple Vulnerabilities (HT213444)
2022-09-15 00:00:00
macOS 13.x < 13.1 Multiple Vulnerabilities (HT213532)
2022-12-13 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213532)
2022-12-16 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
14.2%
Related for NVD:CVE-2022-46701