CVE-2022-32838

CWE-2857 documents4 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 79.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple MacosApple IpadosApple Iphone OS+1 more
Timeline
PublishedAug 24
Latest updateAug 25

Description

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5apple/macosunspecified12.5+3
NVDapple/macos11.011.6.8+3
NVDapple/mac_os_x10.15.7
NVDapple/ipados< 15.6
NVDapple/iphone_os< 15.6

🔴Vulnerability Details

2
GHSA
GHSA-q53v-392r-55mw: A logic issue was addressed with improved state management2022-08-25
CVEList
CVE-2022-32838: A logic issue was addressed with improved state management2022-08-24

📋Vendor Advisories

4
Apple
CVE-2022-32838: macOS Big Sur 11.6.82022-07-20
Apple
CVE-2022-32838: iOS 15.6 and iPadOS 15.62022-07-20
Apple
CVE-2022-32838: macOS Monterey 12.52022-07-20
Apple
CVE-2022-32838: Security Update 2022-005 Catalina2022-07-20
CVE-2022-32838 (MEDIUM CVSS 5.5) | A logic issue was addressed with im | cvebase.io