Vulnerability-Lookup

CVE-2022-32913 (GCVE-0-2022-32913)

Vulnerability from cvelistv5 – Published: 2022-11-01 00:00 – Updated: 2025-05-06 19:22

Summary

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.

Severity ?

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

A sandboxed app may be able to determine which app is currently using the camera

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/HT213446
	https://support.apple.com/en-us/HT213443
	https://support.apple.com/en-us/HT213444
	https://support.apple.com/en-us/HT213488
	https://support.apple.com/en-us/HT213486
	https://support.apple.com/en-us/HT213487

Impacted products

Vendor

Product

Version

Apple

macOS

Affected: unspecified , < 13 (custom)

Apple	macOS	Affected: unspecified , < 16 (custom)
Apple	macOS	Affected: unspecified , < 11.7 (custom)
Apple	watchOS	Affected: unspecified , < 9 (custom)
Apple	watchOS	Affected: unspecified , < 16 (custom)
Apple	watchOS	Affected: unspecified , < 12.6 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:54:02.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213446"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213443"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213444"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213488"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213486"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213487"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 3.3,
              "baseSeverity": "LOW",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-32913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-06T19:22:03.023151Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-06T19:22:34.193Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "9",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "12.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "A sandboxed app may be able to determine which app is currently using the camera",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-01T00:00:00.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213446"
        },
        {
          "url": "https://support.apple.com/en-us/HT213443"
        },
        {
          "url": "https://support.apple.com/en-us/HT213444"
        },
        {
          "url": "https://support.apple.com/en-us/HT213488"
        },
        {
          "url": "https://support.apple.com/en-us/HT213486"
        },
        {
          "url": "https://support.apple.com/en-us/HT213487"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2022-32913",
    "datePublished": "2022-11-01T00:00:00.000Z",
    "dateReserved": "2022-06-09T00:00:00.000Z",
    "dateUpdated": "2025-05-06T19:22:34.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.apple.com/en-us/HT213446\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/en-us/HT213443\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/en-us/HT213444\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/en-us/HT213488\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/en-us/HT213486\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/en-us/HT213487\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:54:02.971Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-32913\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-06T19:22:03.023151Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-06T19:22:28.113Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apple\", \"product\": \"macOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"13\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"macOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"16\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"macOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"11.7\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"watchOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"9\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"watchOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"16\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"watchOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"12.6\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://support.apple.com/en-us/HT213446\"}, {\"url\": \"https://support.apple.com/en-us/HT213443\"}, {\"url\": \"https://support.apple.com/en-us/HT213444\"}, {\"url\": \"https://support.apple.com/en-us/HT213488\"}, {\"url\": \"https://support.apple.com/en-us/HT213486\"}, {\"url\": \"https://support.apple.com/en-us/HT213487\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"A sandboxed app may be able to determine which app is currently using the camera\"}]}], \"providerMetadata\": {\"orgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"shortName\": \"apple\", \"dateUpdated\": \"2022-11-01T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-32913\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-06T19:22:34.193Z\", \"dateReserved\": \"2022-06-09T00:00:00.000Z\", \"assignerOrgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"datePublished\": \"2022-11-01T00:00:00.000Z\", \"assignerShortName\": \"apple\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2022-32913

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-32913

Aliases

CVE-2022-32913

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-32913",
    "description": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.",
    "id": "GSD-2022-32913"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-32913"
      ],
      "details": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.",
      "id": "GSD-2022-32913",
      "modified": "2023-12-13T01:19:12.251945Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2022-32913",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "macOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "13"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "macOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "16"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "macOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "11.7"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "watchOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "9"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "watchOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "16"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "watchOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "12.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apple"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "A sandboxed app may be able to determine which app is currently using the camera"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.apple.com/en-us/HT213446",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213446"
          },
          {
            "name": "https://support.apple.com/en-us/HT213443",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213443"
          },
          {
            "name": "https://support.apple.com/en-us/HT213444",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213444"
          },
          {
            "name": "https://support.apple.com/en-us/HT213488",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213488"
          },
          {
            "name": "https://support.apple.com/en-us/HT213486",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213486"
          },
          {
            "name": "https://support.apple.com/en-us/HT213487",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT213487"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.6",
                "versionStartIncluding": "12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.7",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "16.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2022-32913"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/en-us/HT213443",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213443"
            },
            {
              "name": "https://support.apple.com/en-us/HT213487",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213487"
            },
            {
              "name": "https://support.apple.com/en-us/HT213444",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213444"
            },
            {
              "name": "https://support.apple.com/en-us/HT213488",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213488"
            },
            {
              "name": "https://support.apple.com/en-us/HT213486",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213486"
            },
            {
              "name": "https://support.apple.com/en-us/HT213446",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT213446"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2022-11-03T15:02Z",
      "publishedDate": "2022-11-01T20:15Z"
    }
  }
}

FKIE_CVE-2022-32913

Vulnerability from fkie_nvd - Published: 2022-11-01 20:15 - Updated: 2025-05-06 20:15

Severity ?

3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

URL	Tags
product-security@apple.com	https://support.apple.com/en-us/HT213443	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213444	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213446	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213486	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213487	Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/HT213488	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213443	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213444	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213446	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213486	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/en-us/HT213488	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	iphone_os	*
apple	macos	*
apple	macos	*
apple	tvos	*
apple	watchos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D9387F-63B6-41B3-8BDC-A6102EE5F1E2",
              "versionEndExcluding": "16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8400BA2C-947C-40A8-AD5A-9BF477397E0D",
              "versionEndExcluding": "11.7",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A274B0-D746-4C2E-A03A-CDC28DB3333E",
              "versionEndExcluding": "12.6",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "534DED19-82FC-4E39-BFD3-F2FE5C71A66B",
              "versionEndExcluding": "16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "712A2CD4-6807-496A-8467-BFB138371E51",
              "versionEndExcluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera."
    },
    {
      "lang": "es",
      "value": "El problema se solucion\u00f3 con restricciones adicionales sobre la observabilidad de los estados de las aplicaciones. Este problema se solucion\u00f3 en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. Una aplicaci\u00f3n de espacio aislado puede determinar qu\u00e9 aplicaci\u00f3n est\u00e1 usando actualmente la c\u00e1mara."
    }
  ],
  "id": "CVE-2022-32913",
  "lastModified": "2025-05-06T20:15:21.207",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-11-01T20:15:19.233",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213443"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213444"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213446"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213486"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213487"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213486"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/HT213488"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-FGF8-VX7F-99W6

Vulnerability from github – Published: 2022-11-02 12:00 – Updated: 2022-11-03 19:00

Details

Severity ?

3.3 (Low)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-32913"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-01T20:15:00Z",
    "severity": "LOW"
  },
  "details": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.",
  "id": "GHSA-fgf8-vx7f-99w6",
  "modified": "2022-11-03T19:00:27Z",
  "published": "2022-11-02T12:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32913"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213443"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213444"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213446"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213486"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213487"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213488"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-AVI-947

Vulnerability from certfr_avis - Published: 2022-10-25 - Updated: 2022-10-25

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Apple indique que la vulnérabilité CVE-2022-42827 serait activement exploitée.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	watchOS versions antérieures à 9.1
Apple	N/A	iPadOS versions antérieures à 16
Apple	macOS	macOS Monterey versions antérieures à 12.6.1
Apple	Safari	Safari versions antérieures à 16.1
Apple	macOS	macOS Ventura versions antérieures à 13
Apple	N/A	iOS versions antérieures à 16.1
Apple	macOS	macOS Big Sur versions antérieures à 11.7.1
Apple	N/A	tvOS versions antérieures à 16.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT213493 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213489 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213492 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213491 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213494 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213488 du 24 octobre 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213495 du 24 octobre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 16",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.6.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 16.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Ventura versions ant\u00e9rieures \u00e0 13",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.7.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-1621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1621"
    },
    {
      "name": "CVE-2022-42819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42819"
    },
    {
      "name": "CVE-2022-0261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0261"
    },
    {
      "name": "CVE-2022-2000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2000"
    },
    {
      "name": "CVE-2022-1381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1381"
    },
    {
      "name": "CVE-2022-0696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
    },
    {
      "name": "CVE-2021-39537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
    },
    {
      "name": "CVE-2022-1898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1898"
    },
    {
      "name": "CVE-2022-42832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42832"
    },
    {
      "name": "CVE-2022-42823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42823"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-32913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32913"
    },
    {
      "name": "CVE-2022-32928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32928"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2022-42815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42815"
    },
    {
      "name": "CVE-2022-1968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1968"
    },
    {
      "name": "CVE-2022-32936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32936"
    },
    {
      "name": "CVE-2022-28739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-42793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42793"
    },
    {
      "name": "CVE-2022-32915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32915"
    },
    {
      "name": "CVE-2022-1629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1629"
    },
    {
      "name": "CVE-2022-42827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42827"
    },
    {
      "name": "CVE-2022-42830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42830"
    },
    {
      "name": "CVE-2022-0554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0554"
    },
    {
      "name": "CVE-2022-32862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32862"
    },
    {
      "name": "CVE-2022-0572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0572"
    },
    {
      "name": "CVE-2022-42824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42824"
    },
    {
      "name": "CVE-2022-2042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2042"
    },
    {
      "name": "CVE-2022-0714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
    },
    {
      "name": "CVE-2022-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1733"
    },
    {
      "name": "CVE-2022-0943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0943"
    },
    {
      "name": "CVE-2022-1927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1927"
    },
    {
      "name": "CVE-2022-1851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1851"
    },
    {
      "name": "CVE-2022-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2126"
    },
    {
      "name": "CVE-2022-42795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42795"
    },
    {
      "name": "CVE-2022-1897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
    },
    {
      "name": "CVE-2022-0368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0368"
    },
    {
      "name": "CVE-2022-0319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
    },
    {
      "name": "CVE-2022-42829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42829"
    },
    {
      "name": "CVE-2022-42831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42831"
    },
    {
      "name": "CVE-2022-42806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42806"
    },
    {
      "name": "CVE-2022-1616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1616"
    },
    {
      "name": "CVE-2022-42796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42796"
    },
    {
      "name": "CVE-2022-32866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32866"
    },
    {
      "name": "CVE-2022-42808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42808"
    },
    {
      "name": "CVE-2022-32940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32940"
    },
    {
      "name": "CVE-2022-42790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42790"
    },
    {
      "name": "CVE-2022-42788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42788"
    },
    {
      "name": "CVE-2022-32886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32886"
    },
    {
      "name": "CVE-2022-1622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
    },
    {
      "name": "CVE-2022-0629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0629"
    },
    {
      "name": "CVE-2022-29458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
    },
    {
      "name": "CVE-2022-32890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32890"
    },
    {
      "name": "CVE-2022-0729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0729"
    },
    {
      "name": "CVE-2022-42814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42814"
    },
    {
      "name": "CVE-2022-32867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32867"
    },
    {
      "name": "CVE-2022-32924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32924"
    },
    {
      "name": "CVE-2022-32883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32883"
    },
    {
      "name": "CVE-2022-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
    },
    {
      "name": "CVE-2022-42818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42818"
    },
    {
      "name": "CVE-2022-42789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42789"
    },
    {
      "name": "CVE-2022-32912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32912"
    },
    {
      "name": "CVE-2022-0392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0392"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2022-32918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32918"
    },
    {
      "name": "CVE-2022-32908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32908"
    },
    {
      "name": "CVE-2022-1620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1620"
    },
    {
      "name": "CVE-2022-32911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32911"
    },
    {
      "name": "CVE-2022-42813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42813"
    },
    {
      "name": "CVE-2022-32864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32864"
    },
    {
      "name": "CVE-2022-1942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1942"
    },
    {
      "name": "CVE-2022-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1735"
    },
    {
      "name": "CVE-2022-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1720"
    },
    {
      "name": "CVE-2022-42809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42809"
    },
    {
      "name": "CVE-2022-0359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0359"
    },
    {
      "name": "CVE-2022-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
    },
    {
      "name": "CVE-2022-32898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32898"
    },
    {
      "name": "CVE-2022-32938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32938"
    },
    {
      "name": "CVE-2022-32827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32827"
    },
    {
      "name": "CVE-2022-26730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26730"
    },
    {
      "name": "CVE-2022-42799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42799"
    },
    {
      "name": "CVE-2022-32914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32914"
    },
    {
      "name": "CVE-2022-0351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
    },
    {
      "name": "CVE-2022-32875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32875"
    },
    {
      "name": "CVE-2022-0361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0361"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2022-32892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32892"
    },
    {
      "name": "CVE-2022-32881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32881"
    },
    {
      "name": "CVE-2022-42811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42811"
    },
    {
      "name": "CVE-2022-32905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32905"
    },
    {
      "name": "CVE-2022-32895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32895"
    },
    {
      "name": "CVE-2022-32922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32922"
    },
    {
      "name": "CVE-2022-1674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
    },
    {
      "name": "CVE-2022-32902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32902"
    },
    {
      "name": "CVE-2022-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0318"
    },
    {
      "name": "CVE-2022-32904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32904"
    },
    {
      "name": "CVE-2022-32879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32879"
    },
    {
      "name": "CVE-2022-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2124"
    },
    {
      "name": "CVE-2022-32865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32865"
    },
    {
      "name": "CVE-2022-1769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1769"
    },
    {
      "name": "CVE-2022-32947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32947"
    },
    {
      "name": "CVE-2022-1619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1619"
    },
    {
      "name": "CVE-2022-32858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32858"
    },
    {
      "name": "CVE-2022-32899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32899"
    },
    {
      "name": "CVE-2022-32870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32870"
    },
    {
      "name": "CVE-2022-0685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0685"
    },
    {
      "name": "CVE-2022-42820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42820"
    },
    {
      "name": "CVE-2022-32934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32934"
    },
    {
      "name": "CVE-2022-42825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42825"
    },
    {
      "name": "CVE-2022-32888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32888"
    },
    {
      "name": "CVE-2022-2125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2125"
    },
    {
      "name": "CVE-2022-42791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42791"
    },
    {
      "name": "CVE-2022-32946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32946"
    }
  ],
  "initial_release_date": "2022-10-25T00:00:00",
  "last_revision_date": "2022-10-25T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-947",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que la vuln\u00e9rabilit\u00e9\u00a0CVE-2022-42827 serait activement\nexploit\u00e9e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213493 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213493"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213489 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213489"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213492 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213492"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213491 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213491"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213494 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213494"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213488 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213488"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213495 du 24 octobre 2022",
      "url": "https://support.apple.com/fr-fr/HT213495"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-32913 (GCVE-0-2022-32913)

GSD-2022-32913

FKIE_CVE-2022-32913

GHSA-FGF8-VX7F-99W6

CERTFR-2022-AVI-947

Solution

Tags

Sightings

Nomenclature