CVE-2022-32925Out-of-bounds Write in Apple Watchos

CWE-787Out-of-bounds Write6 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 81.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple IOSApple WatchosApple Iphone OS+1 more
Timeline
PublishedNov 1
Latest updateNov 2

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages5 packages

NVDapple/tvos< 16.0
CVEListV5apple/watchosunspecified9+1
NVDapple/watchos< 9.0
CVEListV5apple/iosunspecified16
NVDapple/iphone_os< 16.0

🔴Vulnerability Details

2
GHSA
GHSA-vvvp-mqxf-gjfr: An out-of-bounds write issue was addressed with improved bounds checking2022-11-02
CVEList
CVE-2022-32925: An out-of-bounds write issue was addressed with improved bounds checking2022-11-01

📋Vendor Advisories

3
Apple
CVE-2022-32925: iOS 162022-09-12
Apple
CVE-2022-32925: tvOS 162022-09-12
Apple
CVE-2022-32925: watchOS 92022-09-12
CVE-2022-32925 — Out-of-bounds Write in Apple Watchos | cvebase