CVE-2022-32935Improper Authentication in Apple Macos

CWE-287Improper Authentication5 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 71.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple MacosApple IpadosApple Iphone OS+3 more
Timeline
PublishedNov 1
Latest updateNov 2

Description

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages7 packages

NVDapple/ipados< 15.7.1
CVEListV5apple/macosunspecified13+2

🔴Vulnerability Details

1
GHSA
GHSA-2h36-2cxh-4whm: A lock screen issue was addressed with improved state management2022-11-02

📋Vendor Advisories

3
Apple
CVE-2022-32935: iOS 15.7.1 and iPadOS 15.7.12022-10-27
Apple
CVE-2022-32935: iOS 16.1 and iPadOS 162022-10-24
Apple
CVE-2022-32935: macOS Ventura 132022-10-24