Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 18, 2023
Severity Medium Analysis Summary Lumma is an information stealer that is sold as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums and Telegram. Lumma is an information […]September 18, 2023Severity Medium Analysis Summary CVE-2023-4948 CVSS:4.3 WooCommerce CVR Payment Gateway Plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by missing capability […]September 18, 2023Severity High Analysis Summary Microsoft has stated that a ransomware group working with an initial access broker has recently started using Microsoft Teams for their phishing […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 18, 2023Severity Medium Analysis Summary Lumma is an information stealer that is sold as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums and Telegram. Lumma is an information […]September 18, 2023Severity Medium Analysis Summary CVE-2023-4948 CVSS:4.3 WooCommerce CVR Payment Gateway Plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by missing capability […]September 18, 2023Severity High Analysis Summary Microsoft has stated that a ransomware group working with an initial access broker has recently started using Microsoft Teams for their phishing […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – CVE-2021-34360 – QNAP NAS Vulnerability
May 28, 2022Rewterz Threat Advisory – CVE-2022-1462 – Linux Kernel Vulnerability
May 30, 2022
Severity
High
Analysis Summary
CVE-2022-26691 CVSS:7.8
Apple macOS Monterey and macOS Big Sur could allow a local authenticated attacker to gain elevated privileges on the system, caused by a logic issue in the CUPS component. By using a specially-crafted application, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-26690 CVSS:6.2
Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by a race condition issue in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to modify protected parts of the file system.
CVE-2022-26688 CVSS:4.4
Apple macOS Monterey and macOS Big Sur could allow a local authenticated attacker to bypass security restrictions, caused by an issue in the handling of symlinks in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to modify the contents of system files.
CVE-2022-22676 CVSS:6.8
Apple macOS Monterey could allow a local attacker to bypass security restrictions, caused by an event handler validation issue in the XPC Services API in the PackageKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to delete files on the system.
CVE-2022-22672 CVSS:8.4
Apple macOS Monterey, iOS and iPadOS could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption issue in the MobileAccessoryUpdater component. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code code with kernel privileges.
CVE-2021-31010 CVSS:8.4
Apple macOS Big Sur, watchOS, iOS and iPadOS could allow a local attacker to execute arbitrary code on the system, caused by a deserialization issue in the Core Telephony component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass sandbox restrictions to execute arbitrary code on the system.
CVE-2021-31009 CVSS:6.2
An unspecified error with multiple issues in HDF5 in Apple macOS Monterey, iOS and iPadOS has an unknown impact and attack vector.
CVE-2021-31008 CVSS:8.8
Apple Safari, tvOS, watchOS, macOS Monterey, iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion issue in the WebKit component. By persuading a victim to visit a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-31007 CVSS:6.2
Apple macOS Big Sur, macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the File Provider component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass Privacy preferences.
CVE-2021-31006 CVSS:6.2
Apple macOS Big Sur, watchOS, and tvOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the App Store component. By using a specially-crafted application, an attacker could exploit this vulnerability to bypass certain Privacy preferences.
CVE-2021-31005 CVSS:4
Apple macOS Monterey, iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By using a specially-crafted application, an attacker could exploit this vulnerability to cause turning off “Block all remote content” not apply to all remote content types.
CVE-2021-31001 CVSS:6.5
Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by an access issue in the Telephony component. By sending a specially-crafted request, an attacker could exploit this vulnerability to continue to obtain sensitive user information.
CVE-2021-31000 CVSS:4
Apple macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a permissions issue in the Game Center component. By using a specially-crafted application, an attacker could exploit this vulnerability to read sensitive contact information.
CVE-2021-30999 CVSS:4
Apple iOS and iPadOS could allow a local attacker to bypass security restrictions, caused by a permissions issue in the Safari component. By using a specially-crafted application, an attacker could exploit this vulnerability to fully delete the browsing history.
CVE-2021-30998 CVSS:4
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a S/MIME issue existed in the handling of encrypted email in the Mail component. By sending a specially-crafted request, an attacker could exploit this vulnerability to the sender’s email address.
CVE-2021-30997 CVSS:6.2
Apple iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a S/MIME issue existed in the handling of encrypted email in the Mail component. By sending a specially-crafted request, an attacker could exploit this vulnerability to recover plaintext contents of an S/MIME-encrypted e-mail.
CVE-2021-30994 CVSS:4
Apple macOS Monterey could allow a local attacker to obtain sensitive information, caused by an access issue in the App Store component. By using a specially-crafted application, an attacker could exploit this vulnerability to disclose local users’ Apple IDs.
CVE-2021-30962 CVSS:4
Apple macOS Big Sur and tvOS could allow a local attacker to obtain sensitive information, caused by a memory initialization issue in the CoreAudio component. By using a specially-crafted audio file, an attacker could exploit this vulnerability to disclose user information.
CVE-2021-30956 CVSS:2.4
Apple iOS and iPadOS could allow a physical attacker to obtain sensitive information, caused by a lock screen issue in the FaceTime component. By performing specially-crafted operations, an attacker could exploit this vulnerability to access to contacts on a locked device.
CVE-2021-30944 CVSS:4
Apple macOS Monterey, tvOS, watchOS, iOS and iPadOS could allow a local attacker to obtain sensitive information, caused by a logic issue in the SQLite component. By using a specially-crafted application, an attacker could exploit this vulnerability to access data from other apps by enabling additional logging.
CVE-2021-30943 CVSS:5.3
Apple macOS Monterey, watchOS, iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by an issue in the handling of group membership in the Messages component. By sending a specially-crafted request, an attacker could exploit this vulnerability to continue to receive messages after leaving a messages group.
CVE-2021-30933 CVSS:
Apple macOS Monterey could allow a local authenticated attacker to execute arbitrary code on the system, caused by a race condition flaw in the Graphics Drivers component. By executing a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
Impact
- Privilege Escalation
- Security Bypass
- Code Execution
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-26691
- CVE-2022-26690
- CVE-2022-26688
- CVE-2022-22676
- CVE-2022-22672
- CVE-2021-31010
- CVE-2021-31009
- CVE-2021-31008
- CVE-2021-31007
- CVE-2021-31006
- CVE-2021-31005
- CVE-2021-31001
- CVE-2021-31000
- CVE-2021-30999
- CVE-2021-30998
- CVE-2021-30997
- CVE-2021-30994
- CVE-2021-30962
- CVE-2021-30956
- CVE-2021-30944
- CVE-2021-30943
- CVE-2021-30933
Affected Vendors
- Apple
Affected Products
- Apple macOS Monterey 12.2.0
- Apple macOS Big Sur 11.6.4
- Apple macOS Monterey 12.1
- Apple iOS 15.3
- Apple iPadOS 15.3
- Apple macOS Big Sur 11.5.0
- Apple watchOS 7.6.1
- Apple iOS 14.7
- Apple iPadOS 14.7
- Apple iPadOS 14.8
- Apple iOS 14.8
- Apple tvOS 15.0
- Apple watchOS 8.0
- Apple watchOS 7.5.0
- Apple tvOS 14.6
- Apple macOS Big Sur 11.4.0
- Apple iOS 15.1
- Apple iPadOS 15.1
Remediation
Refer to Apple security Advisory for patch, upgrade or suggested workaround information.
Apple iOS 15.2 and iPadOS 15.2
Apple iOS 15.1 and iPadOS 15.1