Apple tvOS vulnerabilities

CVE-2022-32815 [HIGH] CWE-787 CVE-2022-32815: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

CVE-2022-32821 [HIGH] CWE-787 CVE-2022-32821: A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7 A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

CVE-2020-36521 [HIGH] CWE-125 CVE-2020-36521: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud fo An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.

CVE-2022-22610 [HIGH] CWE-787 CVE-2022-22610: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution.

CVE-2022-32792 [HIGH] CWE-787 CVE-2022-32792: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2022-32825 [MEDIUM] CWE-200 CVE-2022-32825: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

CVE-2022-32832 [MEDIUM] CVE-2022-32832: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

CVE-2022-32816 [MEDIUM] CWE-451 CVE-2022-32816: The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iO The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.

CVE-2022-32849 [MEDIUM] CWE-200 CVE-2022-32849: An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed i An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.

CVE-2022-32817 [MEDIUM] CWE-125 CVE-2022-32817: An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watc An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

CVE-2022-32841 [MEDIUM] CWE-125 CVE-2022-32841: The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6 The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted image may result in disclosure of process memory.

CVE-2022-32823 [MEDIUM] CWE-665 CVE-2022-32823: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.

CVE-2022-32828 [MEDIUM] CVE-2022-32828: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

CVE-2022-32788 [CRITICAL] CWE-120 CVE-2022-32788: A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, t A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution.

CVE-2022-32802 [HIGH] CWE-693 CVE-2022-32802: A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, t A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution.

CVE-2022-32908 [HIGH] CWE-787 CVE-2022-32908: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.

CVE-2022-32911 [HIGH] CWE-787 CVE-2022-32911: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, i The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.

CVE-2022-32864 [MEDIUM] CVE-2022-32864: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, i The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory.

CVE-2022-46709 [CRITICAL] CVE-2022-46709: tvOS 16 Apple Security Update: About the security content of tvOS 16 Product: tvOS Version: 16 CVE: CVE-2022-46709 Component: Wi-Fi Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32912 [HIGH] CVE-2022-32912: tvOS 16 Apple Security Update: About the security content of tvOS 16 Product: tvOS Version: 16 CVE: CVE-2022-32912 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.