• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – Multiple Apache HTTP Server Vulnerabilities
March 15, 2022
Rewterz Threat Alert – APT C-36 Blind Eagle – Active IOCs
March 15, 2022

Rewterz Threat Advisory – Multiple Apple iOS and iPadOS Vulnerabilities

March 15, 2022

Severity

High

Analysis Summary

CVE-2022-22668

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a logic issue in the Wi-Fi component. By using a specially-crafted application, an attacker could exploit this vulnerability to obtain sensitive information

CVE-2022-22637

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to cause unexpected cross-origin behavior.

CVE-2022-22629

Apple iOS and iPadOS is vulnerable to a buffer overflow, caused by improper bounds checking by the WebKit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2022-22628

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2022-22637

Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to cause unexpected cross-origin behavior.

CVE-2022-22624

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2022-22610

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2022-22662

Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a cookie management issue in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to obtain sensitive user information.

CVE-2022-22671

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an authentication issue in the VoiceOver component. By using a specially-crafted application, an attacker could exploit this vulnerability to access photos from the lock screen.

CVE-2022-22621

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an issue in the UIKit component. By using a specially-crafted application, an attacker could exploit this vulnerability using keyboard suggestions to obtain sensitive information.

CVE-2022-22639

Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by a logic issue in the SoftwareUpdate component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.

CVE-2022-22599

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a permissions issue in the Siri component. By using a specially-crafted application, an attacker could exploit this vulnerability to obtain some location information from the lock screen.

CVE-2022-22600

Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an error in the Sandbox component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass certain Privacy preferences.

CVE-2022-22609

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an error in the Preferences component. By using a specially-crafted application, an attacker could exploit this vulnerability to read other applications’ settings.

CVE-2022-22618

Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an error in the Phone component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass the Emergency SOS passcode prompt.

CVE-2022-22659

Apple iOS and iPadOS could allow a remote authenticated attacker to obtain sensitive information, caused by a logic issue in the NetworkExtension component. An attacker could exploit this vulnerability to obtain sensitive user information.

CVE-2022-22670

Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an access issue in the MediaRemote component. By using a specially-crafted application, an attacker could exploit this vulnerability to identify what other applications a user has installed.

CVE-2022-22622

Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an issue in the Markup component. By using a specially-crafted application, an attacker could exploit this vulnerability using keyboard suggestions to obtain sensitive information.

CVE-2022-22641

Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the IOGPUFamily component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.

CVE-2022-22612

Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory consumption issue in the ImageIO component. By persuading a victim to open a specially crafted image file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

CVE-2022-22661

Apple macOS Big Sur could allow a local authenticated attacker to execute arbitrary code on the system, caused by a type confusion issue in the Intel Graphics Driver component. By executing a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2022-22656

Apple macOS Big Sur could allow a local authenticated attacker to obtain sensitive information, caused by an authentication issue is the LoginWindow component. By sending a specially-crafted using the fast user switching screen, an attacker could exploit this vulnerability to view the previous logged in user’s desktop, and use this information to launch further attacks against the affected system.

CVE-2022-22650

Apple macOS Big Sur could allow a local authenticated attacker to obtain sensitive information, caused by an improper permission issue in the QuickTime Player comonent. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain user data information, and use this information to launch further attacks against the affected system.

CVE-2022-22648

Apple macOS Big Sur could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the AppleScript component. By executing a specially-crafted application, an attacker could exploit this vulnerability to obtain restricted memory information, and use this information to launch further attacks against the affected system.

CVE-2022-22647

Apple macOS Big Sur could allow a physical attacker to bypass security restrictions, caused by a flaw in the Login Window component. By performing specially-crafted operations, an attacker could exploit this vulnerability to bypass Login Window.

CVE-2022-22631

Apple macOS Big Sur could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write issue in the AppleGraphicsControl component. By executing a specially-crafted application, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-22627

Apple macOS Big Sur is vulnerable to a denial of service, caused by an out-of-bounds read issue in the AppleScript component. By persuading a victim to open a specially-crafted AppleScript binary, a remote attacker could exploit this vulnerability to cause the application to crash or obtain sensitive process memory information.

Impact

  • Denial of Service
  • Information Disclosure
  • Security Bypass
  • Buffer Overflow
  • Code Execution
  • Privilege Escalation

Indicator Of Compromise

CVE

  • CVE-2022-22668
  • CVE-2022-22637
  • CVE-2022-22629
  • CVE-2022-22637
  • CVE-2022-22624
  • CVE-2022-22610
  • CVE-2022-22662
  • CVE-2022-22671
  • CVE-2022-22621
  • CVE-2022-22639
  • CVE-2022-22599
  • CVE-2022-22600
  • CVE-2022-22609
  • CVE-2022-22618
  • CVE-2022-22659
  • CVE-2022-22670
  • CVE-2022-22622
  • CVE-2022-22641
  • CVE-2022-22661
  • CVE-2022-22656
  • CVE-2022-22650
  • CVE-2022-22648
  • CVE-2022-22647
  • CVE-2022-22631
  • CVE-2022-22627

Affected Vendors

Apple

Affected Products

  • Apple iOS 15.3
  • Apple iPadOS 15.3
  • Apple iTunes for Windows 12.12.2
  • Apple tvOS 15.3
  • Apple macOS Big Sur 11.6.4

Remediation

Refer to Apple security Advisory for the patch, upgrade, or suggested workaround information.

Apple iOS
Apple iPadOS
Apple iTunes for Windows
Apple tvOS
Apple macOS Big Sur

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.