Apple Watchos 9 vulnerabilities

CVE-2022-46709 [CRITICAL] CVE-2022-46709: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-46709 Component: Wi-Fi Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32899 [HIGH] CVE-2022-32899: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32899 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32914 [HIGH] CVE-2022-32914: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32914 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2022-32889 [HIGH] CVE-2022-32889: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32889 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32907 [HIGH] CVE-2022-32907: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32907 Component: AppleAVD Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks.

CVE-2022-32903 [HIGH] CVE-2022-32903: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32903 Component: GPU Drivers Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2022-32898 [HIGH] CVE-2022-32898: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32898 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32888 [HIGH] CVE-2022-32888: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32888 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32911 [HIGH] CVE-2022-32911: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32911 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2021-36690 [HIGH] CVE-2021-36690: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2021-36690 Component: CVE-2021-36690

CVE-2022-32866 [HIGH] CVE-2022-32866: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32866 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32908 [HIGH] CVE-2022-32908: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32908 Component: MediaLibrary Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-42795 [HIGH] CVE-2022-42795: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-42795 Component: Accelerate Framework Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-32886 [HIGH] CVE-2022-32886: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32886 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2022-32925 [HIGH] CVE-2022-32925: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32925 Component: Wi-Fi Impact: An app may be able to cause unexpected system termination or write kernel memory Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32893 [HIGH] CVE-2022-32893: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32893 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32912 [HIGH] CVE-2022-32912: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32912 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-32894 [HIGH] CVE-2022-32894: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32894 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-1622 [MEDIUM] CVE-2022-1622: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-1622 Component: CVE-2022-1622

CVE-2022-32928 [MEDIUM] CVE-2022-32928: watchOS 9 Apple Security Update: About the security content of watchOS 9 Product: watchOS 9 CVE: CVE-2022-32928 Component: Exchange Impact: A user in a privileged network position may be able to intercept mail credentials Description: A logic issue was addressed with improved restrictions.