| Vulnerability Name: | CVE-2022-42825 (CCN-238772) | ||||||||||||
| Assigned: | 2022-10-24 | ||||||||||||
| Published: | 2022-10-24 | ||||||||||||
| Updated: | 2022-11-03 | ||||||||||||
| Summary: | This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. | ||||||||||||
| CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:C/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-42825 Source: XF Type: UNKNOWN apple-ios-cve202242825-sec-bypass(238772) Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213488 Source: CCN Type: Apple security document HT213489 About the security content of iOS 16.1 and iPadOS 16 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213489 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213491 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213492 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213493 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT213494 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||