Rewterz Threat Alert – APT SideWinder Group Targeting Pakistan – Active IOCs
December 15, 2022Rewterz Threat Alert – CVE-2022-42845 – Apple tvOS Vulnerability
December 15, 2022Severity
High
Analysis Summary
CVE-2022-46702 CVSS:7.5
Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a flaw in the GPU Drivers. By executing a specially-crafted application, an attacker could exploit this vulnerability to obtain sensitive kernel memory information, and use this information to launch further attacks against the affected system.
CVE-2022-42850 CVSS:7.8
Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by an issue in the Graphics Driver component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2022-46691 CVSS:8.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-46690 CVSS:7.8
Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by an an out-of-bounds write in the IOMobileFrameBuffer component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2022-46692 CVSS:6.5
Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially-crafted web content, an attacker could exploit this vulnerability to bypass Same Origin Policy.
CVE-2022-46701 CVSS:8.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Kernel component. By persuading a victim to connect to a specially-crafted NFS server, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2022-42846 CVSS:5.5
Apple iOS and iPadOS are vulnerable to a denial of service, caused by an issue in the Graphics Driver component. By persuading a victim to open a specially crafted video file, an attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-42844 CVSS:5.5
Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an issue in the Kernel component. By using a specially-crafted application, an attacker could exploit this vulnerability to break out of its sandbox.
CVE-2022-46696 CVSS:8.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-46693 CVSS:7.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the ImageIO component. By persuading a victim to open a specially-crafted file , an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-42859 CVSS:5.5
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the ImageIO component. By persuading a victim to open a specially-crafted file , an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-42865 CVSS:5.5
Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by an issue in the AppleMobileFileIntegritycomponent. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2022-42851 CVSS:5.5
Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by an issue in the ImageIO component. By persuading a victim to open a specially crafted TIFF file, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2022-42848 CVSS:7.8
Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by a logic issue in the AVEVideoEncoder component. By using a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
CVE-2022-32943 CVSS:5.3
Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in the Photos component. By sending a specially-crafted request using Photos, an attacker could exploit this vulnerability to allow a deleted photo to be re-surfaced without authentication.
CVE-2022-42862 CVSS:7.5
Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a flaw in the Printing component. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2022-42866 CVSS:5.5
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an issue in the Weather component. By using a specially-crafted application, an attacker could exploit this vulnerability to read sensitive location information.
CVE-2022-46698 CVSS:6.5
Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by logic issue in the WebKit comonent. By persuading a victim to visit a specially-crafted web content, an attacker could exploit this vulnerability to obtain sensitive user information, and use this information to launch further attacks against the affected system.
CVE-2022-42855 CVSS:7.5
Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the Preferences component. By executing a specially-crafted application, an attacker could exploit this vulnerability to use arbitrary entitlements.
CVE-2022-42863 CVSS:8.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-42843 CVSS:5.5
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by an issue in the Accounts component. By using a specially-crafted application, an attacker could exploit this vulnerability to view sensitive user information.
CVE-2022-42849 CVSS:7.8
Apple iOS and iPadOS could allow a local attacker to gain elevated privileges on the system, caused by an access issue in the Software Update component. By using a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.
CVE-2022-46699 CVSS:8.8
Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Information Disclosure
- Privilege Escalation
- Code Execution
- Security Bypass
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-46702
- CVE-2022-42850
- CVE-2022-46691
- CVE-2022-46690
- CVE-2022-46692
- CVE-2022-46701
- CVE-2022-42846
- CVE-2022-42844
- CVE-2022-46696
- CVE-2022-46693
- CVE-2022-42859
- CVE-2022-42865
- CVE-2022-42851
- CVE-2022-42848
- CVE-2022-32943
- CVE-2022-42862
- CVE-2022-42866
- CVE-2022-46698
- CVE-2022-42855
- CVE-2022-42863
- CVE-2022-42843
- CVE-2022-42849
- CVE-2022-46699
Affected Vendors
Apple
Affected Products
- Apple iOS 16.1
- Apple iPadOS 16.1
Remediation
Refer to Apple Security Advisory for patch, upgrade or suggested workaround information.