CVE-2022-32854

This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.
References
Link Resource
http://seclists.org/fulldisclosure/2022/Oct/39 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/40 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/45 Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/49 Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213443 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213445 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213446 Release Notes Vendor Advisory
https://support.apple.com/kb/HT213486 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-863 NVD-CWE-noinfo

16 Nov 2022, 17:21

Type Values Removed Values Added
CPE cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
References (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/40 - (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/40 - Mailing List, Third Party Advisory
References (CONFIRM) https://support.apple.com/kb/HT213486 - (CONFIRM) https://support.apple.com/kb/HT213486 - Vendor Advisory
References (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/39 - (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/39 - Mailing List, Third Party Advisory
References (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/45 - (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/45 - Mailing List, Third Party Advisory
References (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/49 - (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/49 - Mailing List, Third Party Advisory
First Time Apple watchos

31 Oct 2022, 00:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/49 -
  • (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/45 -

30 Oct 2022, 23:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/40 -
  • (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/39 -

27 Oct 2022, 22:15

Type Values Removed Values Added
References
  • (CONFIRM) https://support.apple.com/kb/HT213486 -

22 Sep 2022, 19:55

Type Values Removed Values Added
CWE CWE-863
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Apple macos
Apple iphone Os
Apple ipados
Apple
References (MISC) https://support.apple.com/en-us/HT213445 - (MISC) https://support.apple.com/en-us/HT213445 - Release Notes, Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT213443 - (MISC) https://support.apple.com/en-us/HT213443 - Release Notes, Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT213446 - (MISC) https://support.apple.com/en-us/HT213446 - Release Notes, Vendor Advisory

20 Sep 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-09-20 21:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-32854

Mitre link : CVE-2022-32854

CVE.ORG link : CVE-2022-32854


JSON object : View

Products Affected

apple

  • watchos
  • macos
  • iphone_os
  • ipados