PT-2022-26630 · Apple · Ipados+5
Ivan Fratric
·
Published
2022-12-13
·
Updated
2023-06-07
·
CVE-2022-42855
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions prior to 15.7.2
Apple iOS versions prior to 16.2
Apple iPadOS versions prior to 15.7.2
Apple iPadOS versions prior to 16.2
Apple macOS Monterey versions prior to 12.6.2
Apple macOS Ventura versions prior to 13.1
Apple tvOS versions prior to 16.2
Description
A logic issue was addressed with improved state management, which may allow an app to use arbitrary entitlements.
Recommendations
For Apple iOS versions prior to 15.7.2 and prior to 16.2, update to iOS 15.7.2 or iOS 16.2.
For Apple iPadOS versions prior to 15.7.2 and prior to 16.2, update to iPadOS 15.7.2 or iPadOS 16.2.
For Apple macOS Monterey versions prior to 12.6.2, update to macOS Monterey 12.6.2.
For Apple macOS Ventura versions prior to 13.1, update to macOS Ventura 13.1.
For Apple tvOS versions prior to 16.2, update to tvOS 16.2.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Ios
Ipados
Macos Monterey
Macos Ventura
Tvos