CVE-2022-42865

Sažetak

This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences.

Reference

http://seclists.org/fulldisclosure/2022/Dec/20
http://seclists.org/fulldisclosure/2022/Dec/23
http://seclists.org/fulldisclosure/2022/Dec/26
http://seclists.org/fulldisclosure/2022/Dec/27
https://support.apple.com/en-us/HT213530
https://support.apple.com/en-us/HT213532
https://support.apple.com/en-us/HT213535
https://support.apple.com/en-us/HT213536
https://support.apple.com/kb/HT213534
http://seclists.org/fulldisclosure/2022/Dec/20
http://seclists.org/fulldisclosure/2022/Dec/23
http://seclists.org/fulldisclosure/2022/Dec/26
http://seclists.org/fulldisclosure/2022/Dec/27
https://support.apple.com/en-us/HT213530
https://support.apple.com/en-us/HT213532
https://support.apple.com/en-us/HT213535
https://support.apple.com/en-us/HT213536
https://support.apple.com/kb/HT213534

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Zadnje važnije ažuriranje

21-04-2025 - 15:15

Objavljeno

15-12-2022 - 19:15