CVE-2022-46718

Name of the Vulnerable Software and Affected Versions iOS versions prior to 15.7.2 iPadOS versions prior to 15.7.2 macOS Big Sur versions prior to 11.7.2 macOS Monterey versions prior to 12.6.2 macOS Ventura versions prior to 13.1

Description A logic issue was addressed with improved restrictions, which may allow an app to read sensitive location information without user consent. The issue is related to insufficient protection of service data in the Transparency, Consent and Control (TCC) subsystem of macOS, iOS, and iPadOS operating systems. This could enable an attacker to gain unauthorized access to protected information by tracking the user's location.

Recommendations For iOS versions prior to 15.7.2, update to iOS 15.7.2 or later. For iPadOS versions prior to 15.7.2, update to iPadOS 15.7.2 or later. For macOS Big Sur versions prior to 11.7.2, update to macOS Big Sur 11.7.2 or later. For macOS Monterey versions prior to 12.6.2, update to macOS Monterey 12.6.2 or later. For macOS Ventura versions prior to 13.1, update to macOS Ventura 13.1 or later.