Rewterz Threat Advisory – Multiple Apple Products Vulnerabilities

May 28, 2022

Severity

High

Analysis Summary

CVE-2022-26691 CVSS:7.8
Apple macOS Monterey and macOS Big Sur could allow a local authenticated attacker to gain elevated privileges on the system, caused by a logic issue in the CUPS component. By using a specially-crafted application, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-26690 CVSS:6.2
Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by a race condition issue in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.

CVE-2022-26688 CVSS:4.4
Apple macOS Monterey and macOS Big Sur could allow a local authenticated attacker to bypass security restrictions, caused by an issue in the handling of symlinks in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to modify the contents of system files.

CVE-2022-22676 CVSS:6.8
Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an event handler validation issue in the XPC Services API in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to delete files on the system.

CVE-2022-22672 CVSS:8.4
Apple macOS Monterey, iOS and iPadOS could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption issue in the MobileAccessoryUpdater component. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code code with kernel privileges.

CVE-2021-31010 CVSS:8.4
Apple macOS Big Sur, watchOS, iOS and iPadOS could allow a local attacker to execute arbitrary code on the system, caused by a deserialization issue in the Core Telephony component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass sandbox restrictions to execute arbitrary code on the system.

CVE-2021-31009 CVSS:6.2
An unspecified error with multiple issues in HDF5 in Apple macOS Monterey, iOS and iPadOS has an unknown impact and attack vector.

CVE-2021-31008 CVSS:8.8
Apple Safari, tvOS, watchOS, macOS Monterey, iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion issue in the WebKit component. By persuading a victim to visit a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-31007 CVSS:6.2
Apple macOS Big Sur, macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the File Provider component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.

CVE-2021-31006 CVSS:6.2
Apple macOS Big Sur, watchOS, and tvOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the App Store component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass certain Privacy preferences.

CVE-2021-31005 CVSS:4
Apple macOS Monterey, iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to cause turning off “Block all remote content” not apply to all remote content types.

CVE-2021-31001 CVSS:6.5
Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by an access issue in the Telephony component. By sending a specially-crafted request, an attacker could exploit this vulnerability to continue to obtain sensitive user information.

CVE-2021-31000 CVSS:4
Apple macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a permissions issue in the Game Center component. By using a specially-crafted application, an attacker could exploit this vulnerability to read sensitive contact information.

CVE-2021-30999 CVSS:4
Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the Safari component. By using a specially-crafted application, an attacker could exploit this vulnerability to fully delete the browsing history.

CVE-2021-30998 CVSS:4
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a S/MIME issue existed in the handling of encrypted email in the Mail component. By sending a specially-crafted request, an attacker could exploit this vulnerability to the sender’s email address.

CVE-2021-30997 CVSS:6.2
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a S/MIME issue existed in the handling of encrypted email in the Mail component. By sending a specially-crafted request, an attacker could exploit this vulnerability to recover plaintext contents of an S/MIME-encrypted e-mail.

CVE-2021-30994 CVSS:4
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an access issue in the App Store component. By using a specially-crafted application, an attacker could exploit this vulnerability to disclose local users’ Apple IDs.

CVE-2021-30962 CVSS:4
Apple macOS Big Sur and tvOS could allow a local attacker to obtain sensitive information, caused by a memory initialization issue in the CoreAudio component. By using a specially-crafted audio file, an attacker could exploit this vulnerability to disclose user information.

CVE-2021-30956 CVSS:2.4
Apple iOS and iPadOS could allow a physical attacker to obtain sensitive information, caused by a lock screen issue in the FaceTime component. By performing specially-crafted operations, an attacker could exploit this vulnerability to access to contacts on a locked device.

CVE-2021-30944 CVSS:4
Apple macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a logic issue in the SQLite component. By using a specially-crafted application, an attacker could exploit this vulnerability to access data from other apps by enabling additional logging.

CVE-2021-30943 CVSS:5.3
Apple macOS Monterey, watchOS, iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by an issue in the handling of group membership in the Messages component. By sending a specially-crafted request, an attacker could exploit this vulnerability to continue to receive messages after leaving a messages group.

CVE-2021-30933 CVSS:
Apple macOS Monterey could allow a local authenticated attacker to execute arbitrary code on the system, caused by a race condition flaw in the Graphics Drivers component. By executing a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.