CVE-2022-32875
published 2022-11-01CVE-2022-32875: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey…
PriorityP421medium5CVSS 3.1
AVLACLPRLUIRSUCHINAN
EPSS
0.14%
34.2th percentile
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 16.0 | 16.0 |
| apple | macos | >= 11.0 < 11.7 | 11.7 |
| apple | macos | >= 12.0 < 12.6 | 12.6 |
| apple | macos | >= unspecified < 13 | 13 |
| apple | macos | >= unspecified < 16 | 16 |
| apple | macos | >= unspecified < 11.7 | 11.7 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | macos_ventura | — | — |
| apple | watchos | < 9.0 | 9.0 |
| apple | watchos | >= unspecified < 9 | 9 |
| apple | watchos | >= unspecified < 12.6 | 12.6 |
| apple | watchos_9 | — | — |
Apple
CVE-2022-32875: macOS Ventura 13
vendor_apple·2022-10-24·CVSS 5.0
CVE-2022-32875 [MEDIUM] CVE-2022-32875: macOS Ventura 13
Apple Security Update: About the security content of macOS Ventura 13
Product: macOS Ventura
Version: 13
CVE: CVE-2022-32875
Component: Weather
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state management.
Apple
CVE-2022-32875: macOS Monterey 12.6
vendor_apple·2022-09-12·CVSS 5.0
CVE-2022-32875 [MEDIUM] CVE-2022-32875: macOS Monterey 12.6
Apple Security Update: About the security content of macOS Monterey 12.6
Product: macOS Monterey
Version: 12.6
CVE: CVE-2022-32875
Component: Weather
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state management.
Apple
CVE-2022-32875: iOS 16
vendor_apple·2022-09-12·CVSS 5.0
CVE-2022-32875 [MEDIUM] CVE-2022-32875: iOS 16
Apple Security Update: About the security content of iOS 16
Product: iOS
Version: 16
CVE: CVE-2022-32875
Component: Weather
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state management.
Apple
CVE-2022-32875: macOS Big Sur 11.7
vendor_apple·2022-09-12·CVSS 5.0
CVE-2022-32875 [MEDIUM] CVE-2022-32875: macOS Big Sur 11.7
Apple Security Update: About the security content of macOS Big Sur 11.7
Product: macOS Big Sur
Version: 11.7
CVE: CVE-2022-32875
Component: Weather
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state management.
Apple
CVE-2022-32875: watchOS 9
vendor_apple·2022-09-12·CVSS 5.0
CVE-2022-32875 [MEDIUM] CVE-2022-32875: watchOS 9
Apple Security Update: About the security content of watchOS 9
Product: watchOS 9
CVE: CVE-2022-32875
Component: Weather
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state management.
VulDB
Apple macOS Weather state issue (HT213488 / EUVD-2022-35941)
vuldb·2026-06-04·CVSS 5.0
CVE-2022-32875 [MEDIUM] Apple macOS Weather state issue (HT213488 / EUVD-2022-35941)
A vulnerability categorized as problematic has been discovered in Apple macOS. This issue affects some unknown processing of the component Weather. Such manipulation leads to state issue.
This vulnerability is referenced as CVE-2022-32875. The attack can only be performed from a local environment. No exploit is available.
It is advisable to upgrade the affected component.
VulDB
Apple watchOS state issue (EUVD-2022-35941)
vuldb·2026-06-04·CVSS 5.0
CVE-2022-32875 [MEDIUM] Apple watchOS state issue (EUVD-2022-35941)
A vulnerability has been found in Apple watchOS and classified as critical. Affected is an unknown function. This manipulation causes state issue.
This vulnerability is handled as CVE-2022-32875. It is possible to launch the attack on the local host. There is not any exploit available.
The affected component should be upgraded.
VulDB
Apple iOS state issue (EUVD-2022-35941)
vuldb·2026-06-04·CVSS 5.0
CVE-2022-32875 [MEDIUM] Apple iOS state issue (EUVD-2022-35941)
A vulnerability, which was classified as critical, was found in Apple iOS. This impacts an unknown function. The manipulation results in state issue.
This vulnerability is known as CVE-2022-32875. Attacking locally is a requirement. No exploit is available.
You should upgrade the affected component.
GHSA
GHSA-jmq5-qw6j-fcw3: A logic issue was addressed with improved state management
ghsa_unreviewed·2022-11-02
CVE-2022-32875 [MEDIUM] CWE-200 GHSA-jmq5-qw6j-fcw3: A logic issue was addressed with improved state management
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/HT213443https://support.apple.com/en-us/HT213444https://support.apple.com/en-us/HT213446https://support.apple.com/en-us/HT213486https://support.apple.com/en-us/HT213488https://support.apple.com/en-us/HT213443https://support.apple.com/en-us/HT213444https://support.apple.com/en-us/HT213446https://support.apple.com/en-us/HT213486https://support.apple.com/en-us/HT213488
2022-11-01
Published