CVE-2022-22670 — Apple IOS AND Ipados vulnerability

5 documents3 sources

Severity

3.3LOWNVD

EPSS

0.2%

top 53.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Tvos Apple Watchos +3 more

Timeline

PublishedMar 18

Latest updateMar 19

Description

An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages10 packages

▶CVEListV5apple/tvosunspecified — 15.4

▶NVDapple/tvos< 15.4

▶NVDapple/ipados< 15.4

▶CVEListV5apple/watchosunspecified — 8.5

▶NVDapple/watchos< 8.5

🔴Vulnerability Details

GHSA

GHSA-7r62-p26c-72cj: An access issue was addressed with improved access restrictions↗2022-03-19

▶

📋Vendor Advisories

Apple

CVE-2022-22670: watchOS 8.5↗2022-03-14

▶

Apple

CVE-2022-22670: tvOS 15.4↗2022-03-14

▶

Apple

CVE-2022-22670: iOS 15.4 and iPadOS 15.4↗2022-03-14

▶