PT-2022-21586 · Apple · Apple Macos+2

Jiří Vinopal

Published

2022-10-24

Updated

2022-11-02

CVE-2022-32928

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 16 macOS versions prior to Ventura 13 watchOS versions prior to 9

Description A logic issue was addressed with improved restrictions. A user in a privileged network position may be able to intercept mail credentials.

Recommendations For iOS versions prior to 16, update to iOS 16 to resolve the issue. For macOS versions prior to Ventura 13, update to macOS Ventura 13 to resolve the issue. For watchOS versions prior to 9, update to watchOS 9 to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2022-32928

Affected Products

Apple Macos

Ios

Watchos

PT-2022-21586 · Apple · Apple Macos+2

CVE-2022-32928

Weakness Enumeration

Related Identifiers

Affected Products

References · 7