An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/HT213443 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT213444 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT213445 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT213446 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT213488 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:22
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-347 |
03 Nov 2022, 03:48
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
| First Time |
Apple macos
Apple iphone Os Apple Apple ipados |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | CWE-20 | |
| References | (MISC) https://support.apple.com/en-us/HT213443 - Release Notes, Vendor Advisory | |
| References | (MISC) https://support.apple.com/en-us/HT213445 - Release Notes, Vendor Advisory | |
| References | (MISC) https://support.apple.com/en-us/HT213444 - Release Notes, Vendor Advisory | |
| References | (MISC) https://support.apple.com/en-us/HT213446 - Release Notes, Vendor Advisory | |
| References | (MISC) https://support.apple.com/en-us/HT213488 - Release Notes, Vendor Advisory |
01 Nov 2022, 20:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-11-01 20:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-42793
Mitre link : CVE-2022-42793
CVE.ORG link : CVE-2022-42793
JSON object : View
Products Affected
apple
- iphone_os
- macos
- ipados
CWE
CWE-347
Improper Verification of Cryptographic Signature